The Metron architecture can be divided into the following areas:

  1. Data Collection
  2. Real-time Data Processing (Parsing, Enrichment, Alerting, Indexing, Storage, model/rule execution, etc.)
  3. Analytics
  4. Dashboards for SOC analysts

 

Data Collection

Coming Soon

 

Real-time Data Processing

Metron's real-time processing engine is powered by Storm.

The diagram below illustrates the architecture.

Analytics

Coming Soon

 

Dashboards for SOC Analysts

Currently, the dashboards are implemented as a custom UI built on top of Kibana. See the screenshot below for what the dashboard looks like.

 
