streamalert
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
## Background The current StreamAlert app implementation utilizes a single lambda function which can lead to numerous issues. 1. If the function times out, either due to a hanging http...
## Background With the advent of #900, we now have redundant information being provided to `@rule` constructors: ``` @Rule( logs=['cloudtrail:misc'], outputs=['slack:infra', 'pagerduty:high'], publishers={ 'slack:infra': [publisher_1, publisher_2], 'pagerduty:high': [publisher_3, publisher4], }...
### Background Currently, a `@rule` decorator can have numerous keyword arguments passed to it, such as `logs=`, `datatypes=`, `outputs=`, `context=`, etc... ### Description There are cases where these keyword arguments...
## Background The vast majority of execution time for the classifier is spent sending records either to SQS or Firehose. Looking at one of the log streams, I can see...
## Background As of #992, StreamAlert CLI is now modular with commands that are each modularized. @ryandeivert has mentioned that we intentionally omitted the [StreamAlert CLI package](https://github.com/airbnb/streamalert/blob/master/setup.cfg#L32) from unit test...
## Background Right now, we [log an exception](https://github.com/airbnb/streamalert/blob/f336c7850235096052c36aa8836f577a506c02c3/stream_alert/shared/rule.py#L160-L161) when a rule fails, but do not track this via any reportable means. ## Desired Change Create a custom metric that gets...
## Background Terraform's AWS provider supports [assuming a role](https://www.terraform.io/docs/providers/aws/index.html#assume-role) to be used for resources management. We should consider leveraging this. ### Benefits - We could pre-package a 'role' that we...
Per the discussion in https://github.com/airbnb/streamalert/pull/972 it would be useful to have extra configuration for apps for things like the default timeout.
## Background See discussion in the thread at https://streamalert.slack.com/archives/C3BHE2Z0S/p1559152670016000 In speaking with @ryandeivert there, certain errors appear only as counts in the error metric, but it's difficult to identify the...
## Background There are currently no custom metrics implemented in the apps functions. I want to utilize this issue to track potential custom metrics and metric alarms for these functions....