Similar to the YAF dashboard from https://issues.apache. org/jira/browse/METRON-676, it would be nice to have a similar Zeppelin dashboard for Bro.
Couple topics we can include - Number of total queries per hour - Geo-location frequency - Top sites requests vs non-top requests The Alexa requests tie in with https://issues.apache. org/jira/browse/METRON-709, specifically the part about modifying Bro configs to use the data. There's been some discussion on where that lives and how it's managed, so we won't be able to do much with it right now. Is there anything else we'd consider essential in our first pass? Or anything we'd like to iterate on in the future? I'm not an expert in how Bro data actually looks in practice, so I'd love to get some input on features that would be nice to have. For these types of dashboards, there's also the question of, using top sites as an example, of "If this user doesn't have top sites data, is there anything we can do in Zeppelin about hiding or not displaying that paragraph?". I don't believe there's a built in way to handle that (but again, I could be wrong), so it might involve being a bit more verbose in what we actually do in the paragraphs. Justin
