streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
## Background Currently if you want to leverage publishers for a rule, you have to configure them for every single rule that you want to use the publisher for. While...
## Background [In the discussion](https://github.com/airbnb/streamalert/pull/1191#discussion_r393152889) of PR #1191, we brought up supporting a custom stream name for Firehose. Currently, the stream name of Firehose for `data` is autogenerated based on...
## Background StreamAlert currently has a Duo application for pulling logs from the legacy v1 logs API. ### Description This should be updated to use the newer v2 API which...
related to: #1153 ## Background The current [LambdaPackage](https://github.com/airbnb/streamalert/blob/9718c28d2da86d09b5be487f875e339c37a8a1ea/streamalert_cli/manage_lambda/package.py#L31) class has a fairly janky method of managing dependencies and creating deployment packages. ## Proposal * Add a setuptools `setup.py` to each `streamalert//`...
## Background The `rec` that is passed to any given rule function is an ordinary `dict` that allows for lookups, etc to perform alerting logic. We have built a lot...
## Background StreamAlert apps currently have some [pre-packaged zips](https://github.com/airbnb/streamalert/tree/release-3-0-0/streamalert/apps/_apps) due to the need for natively compiled libraries in the lambda environment (_shakes fist at cryptography lib_). These are extracted as...
## Background Kinesis aggregation: https://github.com/awslabs/amazon-kinesis-producer/blob/master/aggregation-format.md is used for efficient puts into a Kinesis data stream to avoid throttling ### Description Classifier lambda exiting with errors like invalid JSON, after careful...
## Background ```python [ERROR] ProtocolError: ("Connection broken: ConnectionResetError(104, 'Connection reset by peer')", ConnectionResetError(104, 'Connection reset by peer')) Traceback (most recent call last): File "/var/task/streamalert/classifier/main.py", line 26, in handler Classifier().run(event.get('Records', []))...
## Background While testing PR #1093, I got ` Error deleting CloudWatch Log Metric Filter: ResourceNotFoundException` errors at the end of the `python manage.py destroy` operation. Re-run `python manage.py destroy`...
## Background Currently, the threat intel downloader function is tightly coupled to [ThreatStream](https://www.anomali.com/products/threatstream), which means users must have an Anomali account ($$) to take advantage of this feature. ## Desired...