
rearchitect the logstash data collection

Status: Open. infosec-alchemist opened this issue 7 years ago • 1 comment

Use the fields from STIX 2.0 observed data formats. https://docs.google.com/document/d/1IvkLxg_tCnICsatu2lyxKmWmh1gY2h8HUNssKIE-UIA/edit#heading=h.p49j1fwoxldc

Leverage HA Security's logstash config file methodology https://github.com/HASecuritySolutions/Logstash/tree/master/configfiles

Remove SPARK and move to a strictly Elasticsearch query model

infosec-alchemist, Oct 24 '17 23:10

This is dependent on #24

infosec-alchemist, Jan 02 '18 19:01