Details
-
New Feature
-
Status: To Do
-
Major
-
Resolution: Unresolved
-
0.2.1BETA
-
None
Description
I want to be able to define, extract, and build ontologies/relations from Metron telemetry. Here is an example. If my message is as follows:
{ip1:someIP1, ip2:someIp2, protocol:TCP,userAgent:A1}I want the following config defined:
ontology1: ip1 connectsTo ip2
ontology2: ip1 hasProtocol protocol
ontology3: ip1 hasUserAgent userAgent
...
ontology n
And from that config I want the following be created with Stellar:
someIP1 : connectsTo : someIP2
someIP1 : hasProtocol : TCP
someIP1: hasUserAgent: A1
And then be pushed to a graph database with a TTL value. By applying these to multiple telemetries we create a knowledge graph. This is one of the fundamental capabilities that Metron needs for doing advanced analytics
Attachments
Issue Links
- Blocked
-
-
- To Do
-