Re: [DISCUSS] Metron assessment tool

If the tool starts at Kafka, the user would have to already have committed to the investment in the infrastructure and time to setup the sensors that feed Kafka and Kafka itself. Maybe it would need to be further upstream? On Apr 13, 2016 1:05 PM, "James Sirota" wrote:

Re: [DISCUSS] Metron assessment tool

Hi Goerge, This article defines micro-tuning of the existing cluster. What I am proposing is a level up from that. When you start with Metron how do you even know how many nodes you need? And of these nodes how many do you allocate to Storm, indexing, storage? How much storage do you

Re: [DISCUSS] Metron assessment tool

I have used the following Kafka and Storm Best Practices guide at numerous customer implementations. https://community.hortonworks.com/articles/550/unofficial-storm-and-kafka-b est-practices-guide.html We need to have something similar and prescriptive for Metron based on: 1. What data sources

Re: [DISCUSS] Metron assessment tool

+ 1 to James suggestion. We also need to consider not just the data volume and storage requirements for proper cluster sizing but also processing requirements as well. Given that in the new architecture, we have moved to single enrichment topology that will support all data sources, proper sizing

Re: [ANOUNUCE] Metron IRC Channel

If someone has done it before pleas go ahead else will do it. Sent from my iPhone > On Apr 13, 2016, at 9:06 AM, Elana Hashman > wrote: > > +1 to the IRC bot! > > From: David Lyle > Sent: Wednesday,

Re: [ANOUNUCE] Metron IRC Channel

Will do Sent from my iPhone > On Apr 13, 2016, at 9:06 AM, Elana Hashman > wrote: > > +1 to the IRC bot! > > From: David Lyle > Sent: Wednesday, April 13, 2016 6:30 AM > To:

Re: [ANOUNUCE] Metron IRC Channel

+1 to the IRC bot! From: David Lyle Sent: Wednesday, April 13, 2016 6:30 AM To: dev@metron.incubator.apache.org Subject: Re: [ANOUNUCE] Metron IRC Channel Good deal- is there any interest in setting up the asf ircbot?

[GitHub] incubator-metron pull request: Unit tests for enrichment adapters

Github user franklu1 closed the pull request at: https://github.com/apache/incubator-metron/pull/75 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron pull request: METRON-108 Created fast packet capt...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/73 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

Re: [DISCUSS] Project reorganization

James brings up a good point. I propose adding another project under metron-platform called metron-configuration. This would be a fairly lightweight project that would contain anything related to configuration (property files, json files, flux files, etc). On 4/13/16, 8:56 AM, "James Sirota"

Re: [DISCUSS] Project reorganization

+1 I like it. On Wed, Apr 13, 2016 at 9:59 AM, Ryan Merriman wrote: > To answer a couple of other questions people asked: > > Debo, agreed having clear extension points is going to be extremely > important for us. Currently we have well defined interfaces for parsers

Re: [DISCUSS] Project reorganization

To answer a couple of other questions people asked: Debo, agreed having clear extension points is going to be extremely important for us. Currently we have well defined interfaces for parsers and enrichment adapters as well as the ability to load data into and drive enrichments (threat intels)

Re: [DISCUSS] Project reorganization

+1 from me. I would also like to address the configs and make sure the configs are in the same place. Do you have ideas on where we would put those? Thanks, James On 4/13/16, 6:50 AM, "Ryan Merriman" wrote: >Thank you for all the feedback everyone. I will