shane/threatline
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update README.md

Browse Source
This commit is contained in:
Shane
2019-01-11 15:56:11 +00:00
parent 23e40b92b9
commit 7d23097423
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -4,13 +4,13 @@
doc/kafka_topics.sh
# Initialize elasticsearch
curl -X PUT 'http://<elasticsearch>:9200/threatline' -d@doc/es_mapping.json
curl -X PUT 'http://<elasticsearch>:9200/threatline' -d@doc/es_mapping.json
# Install service file
cp doc/threatline /usr/local/etc/rc.d/threatline
cp doc/threatline /usr/local/etc/rc.d/threatline
# Enable threatline
sysrc threatline_enable=YES
sysrc threatline_enable=YES
sysrc threatline_agents="normalize enrich check archive"
# Start threatline
@@ -21,8 +21,8 @@ tail -f /tmp/tl_worker.log
# Stages
Normalize: Touch-up/rename fields, etc.
Enrich: Enrich and part of the message.
Check: Checks parts of message (now enriched) against known bad stuff.
Archive: Push document into elasticsearch. Can also log to file.
Normalize: Touch-up/rename fields, etc.
Enrich: Enrich and part of the message.
Check: Checks parts of message (now enriched) against known bad stuff.
Archive: Push document into elasticsearch. Can also log to file.