This Confluence has been LDAP enabled, if you are an ASF Committer, please use your LDAP Credentials to login. Any problems file an INFRA jira ticket please.

Skip to end of metadata
Go to start of metadata


Snort is one of the more popular Network Intrusion Prevention Systems (NIPS) out there today.  Snort monitors network traffic and produces alerts that are generated based on signatures from community rules.  Metron plays the output of the packet capture probe to Snort and whenever Snort alerts are triggered Metron uses Apache Flume to pipe these alerts to a Kafka topic.  Once Snort alerts land into Kafka topic they are then picked up by the parsing topology

See related components:

Parsing Topology

  • No labels