The following are key capabilities available in Metron TP1 broken up across its four key functional themes.
You can spin up the Metron TP1 in two ways:
Hortonworks has created new Track called CyberSecurity in the Hortonworks Community Connection (HCC). The link to the this new track in HCC is the following: HCC CyberSecurity Track.
Apache Metron committers are subscribed to this track and are constantly monitoring it for any questions the community has on TP1.
When asking a question about Metron TP1, please select the “CyberSecurity” Track and add the following tags: “Metron” and “tech-preview”.
The below is a summary of the key platform features added in TP1:
METRON-59 METRON-77 METRON-76 METRON-69 METRON-63 METRON-61 METRON-43 METRON-2
Metron TP1 focus is network telemetry data sources as described below. They represent the most valuable granular data one can collect and perform next generation analytics on.
The Key Data collection features for Metron TP1 are the following:
For this theme, the key features in Metron TP1 are the following:
Indexing Services - Support for indexing via ElasticSearch
METRON-36 METRON-56 METRON-66
There was less focus on the UI Theme but Metron TP1 does provide the following new UI features:
Is it possible to run this on Solr versus elastic? Solr is more closely tied to the Lucene project, uses the same Zookeeper based distributed coordination and continues to add more features to the open source project (graph query, parallel sql), while elastic seems to be taking more new features closed source. I've been building a lot of related features for network analysis in Solr.
Good question @Matt McKnight. We will have support for Solr indexing services in Metron TP2 which is slated for end of May. However in TP2, we will still only support Metron UI that is based on Kibana (based on Elastic). This will change in subsequent reelases. So net net, by middle/end of May we will support Solr indexing but you would have to write the UI that calls the SOLR Apis for search queries. Farther down the line, we will provide a custom UI (away from Kibana) that uses SOLR to do search.