shane/threatline
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
7 Commits 1 Branch 0 Tags
db282aa3c2103d3cf03711610c0c6bf3d26d9e4f
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Shane db282aa3c2 Update README.md
2018-11-10 18:34:40 +00:00
doc
initial commit
2018-11-10 13:29:42 -05:00
threatline
initial commit
2018-11-10 13:29:42 -05:00
.gitignore
initial commit
2018-11-10 13:29:42 -05:00
README.md
Update README.md
2018-11-10 18:34:40 +00:00
requirements.txt
initial commit
2018-11-10 13:29:42 -05:00
setup.py
initial commit
2018-11-10 13:29:42 -05:00

README.md

Installation on FreeBSD

#Configure Kafka topics (run on one kafka node) doc/kafka_topics.sh

#Initialize elasticsearch: curl -X PUT 'http://:9200/threatline' -d@doc/es_mapping.json

#Install service file: cp doc/threatline /usr/local/etc/rc.d/threatline

#Enable threatline: sysrc threatline_enable=YES sysrc threatline_agents="normalize enrich check archive"

#Start threatline: service threatline start

#Monitor logs: tail -f /tmp/tl_worker.log

#Stages: Normalize: Touch-up/rename fields, etc. Enrich: Enrich and part of the message. Check: Checks parts of message (now enriched) against known bad stuff. Archive: Push document into elasticsearch. Can also log to file.

Description
No description provided
Readme 931 KiB
Languages
Python 100%