Support Questions
Find answers, ask questions, and share your expertise
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Apache spot on HDP 2.4 or 2.5

Highlighted

Apache spot on HDP 2.4 or 2.5

I would like to know if anyone tried to deploy apache spot on HDP instead of cloudera. If so it would be great if you can let me know the details about which HDP version (2.4 or 2.5) worked for the deployment.

4 REPLIES 4
Highlighted

Re: Apache spot on HDP 2.4 or 2.5

Mentor

Thats an interesting idea but Hortonworks is spearheading it's own cybersecurity suite called Apache Metron. http://metron.incubator.apache.org/

Highlighted

Re: Apache spot on HDP 2.4 or 2.5

Super Guru
@Anil Reddy

Apache Spot is absolutely brand new with really no product right now. Here is the github link. The project was added 3 months ago and have only 4 developers. Cloudera for some reason has decied to reinvent the wheel rather than take the existing project with already much rich featureset forward.

Apache Metron was first released at Cisco in 2014 and named "OpenSOC". Here is the journey Metron has been through and where it's now.

https://cwiki.apache.org/confluence/display/METRON/Evolution+of+Apache+Metron

and github link below --> see the difference in number of contributors and contribution activity compared to Spot

https://github.com/apache/incubator-metron/

Highlighted

Re: Apache spot on HDP 2.4 or 2.5

@Artem Ervits @mqureshi

The information provided is so true that metron is better option than Apache Spot.

However,the issue with is that I was heard that Apache spot can be run on either HDP or CDH.

So, I am giving a try with HDP and getting conflicts with python version during installation. I would like to know if anyone have experience in setting up Apache spot in HDP 24 or HDP 2.5

Highlighted

Re: Apache spot on HDP 2.4 or 2.5

Super Guru

@Anil Reddy

I am sure you can use Metron with CDH. Again, there might be setup issues but I am sure if you make an effort, you should be able to do that. Point is, Metron is supported by Hortonworks and Spot will be (whenever it becomes an actual product) supported by Cloudera. Trying to make it work with another distribution doesn't buy you anything. The value of Cyber Security Suite comes from the suite in ingesting data in real time, detecting threats and taking actions. The repository where data is stored (HDP or CDH) is important but not all on its own a big differentiator. The real value is the threat detection models, the ability to integrate with PCAP, ingest telemetry data fast, processing and enriching data with STIX, GEO enrichment, capturing data from Fire Eye. These are the features you'd be looking at when you choose a cyber security suite. Where the data lands is not where most value is added. And while I have personally not done it, I am sure Metron can easily use CDH for its data repository.

If Cloudera is claiming that Spot will work with HDP, ask them if they will support Spot with HDP?

Don't have an account?
Coming from Hortonworks? Activate your account here