How do I do it using a Kibana dashboard? What would be the easiest way?

On Wed, Dec 6, 2017 at 7:35 PM, Simon Elliston Ball <si...@simonellistonball.com> wrote:

> Agreed… for the users list I would just say use the Install Notebooks
> action, and look at the squid example on the wiki, but since it was you who
> asked for links, Otto, I went a bit dev list ;)
>
> Simon
>
> On 6 Dec 2017, at 14:33, Otto Fowler <ottobackwa...@gmail.com> wrote:
>
> The issue is the requirement for people on the user list to go to the
> source.
>
> On December 6, 2017 at 09:16:39, Simon Elliston Ball (si...@simonellistonball.com) wrote:
>
> No problem, I’ll grant you it’s not in the most intuitive part of the
> source tree to go digging in, but you can also get to the zeppelin bits via
> the actions button on the Metron config section (Install Notebooks)
>
> If anyone has any good ideas (or code!) for sample zeppelin notebooks that
> would be useful, you can add them to a specific instance of the platform
> via the config/zeppelin/metron location and run the action again I believe,
> and this would be a great place for more security people to contribute
> sample run books for example. There are also efforts by commercial support
> providers I believe to add more samples of both dashboards and use cases.
>
> Simon
>
> On 6 Dec 2017, at 14:12, Otto Fowler <ottobackwa...@gmail.com> wrote:
>
> Thanks Simon
>
> On December 6, 2017 at 09:11:50, Simon Elliston Ball (si...@simonellistonball.com) wrote:
>
> In product… Install Zeppelin Notebooks, and the samples including
> notebooks at
> https://github.com/apache/metron/tree/master/metron-platform/metron-indexing/src/main/config/zeppelin/metron
>
> as of course there are similar Kibana dashboards included, which are
> examples of custom visualisation of metron data, there is also the run book
> for visualising squid data in kibana on the docs wiki
> https://cwiki.apache.org/confluence/display/METRON/Enhancing+Metron+Dashboard
>
> Should at least get us started.
>
> Simon
>
> On 6 Dec 2017, at 14:00, Otto Fowler <ottobackwa...@gmail.com> wrote:
>
> Links?
>
> On December 6, 2017 at 08:18:23, Simon Elliston Ball (si...@simonellistonball.com) wrote:
>
> We do already have a number of examples of exactly this, but sure if
> someone feels like adding to those that would be great.
>
> Simon
>
> On 6 Dec 2017, at 13:14, Otto Fowler <ottobackwa...@gmail.com> wrote:
>
> Maybe a Jira logged for an ‘example’ notebook for this would be
> appropriate as well?
>
> On December 6, 2017 at 07:06:30, Simon Elliston Ball (si...@simonellistonball.com) wrote:
>
> Yes. Consider a zeppelin notebook, or kibana dashboard for this.
>
> If you want to use these values for detection, consider building a profile
> based on the stats objects (see the profiler section of the documentation
> under analytics).
>
> Simon
>
> > On 6 Dec 2017, at 07:42, Syed Hammad Tahir <mscs16...@itu.edu.pk> wrote:
> >
> > Hi,
> >
> > Can I set up custom visualization to show, let's say, the peak network
> > usage traffic in a certain time?
> >
> > Regards.