Hi @Alan B,

You can perform logic operations, profiling and create scores and alerts based on that results. You can also use MaaS (Model-as-a-Service) to deploy models and create alerts based on results, etc.

Basically Metron has available a wide number of options to perform a variety of cases, in that way, is quite open.

Visit the following documentation for more information:

https://docs.hortonworks.com/HDPDocuments/HCP1/HCP-1.5.0/bk_analytics/content/overview.html

Visit also the Stellar Language doc:

https://docs.hortonworks.com/HDPDocuments/HCP1/HCP-1.5.0/bk_stellar-quick-ref/content/intro.html

Metron lives atop of Hadoop Stack, in that way, you will have the following requirements:

• Apache Hadoop;
• Apache Storm;
• Apache Kafka;
• Apache HBase;
• Apache ZooKeeper.

Visit the following documentation for more information about requirements of HCP/Metron:

https://docs.hortonworks.com/HDPDocuments/HCP1/HCP-1.5.0/bk_installation/content/software_req.html

Hope it helps!

Gonçalo

Thanks Gonçalo. To be sure, can you confirm Stellar can be used as a correlation engine in Metron i.e. real time alerting based on logical rules and anything Stellar can do ?

Metron has several stages where the event is processed, for example, after you parsed your event you can enrich it, that can be done with Stellar using "GEO_GET" function you can get, based on a GEO list, the origin of an IP.

You can also add your own custom functions or you can do logic, arithmetic operations, etc.

Using Metron UI you can see your alerts in real-time, check the page below for more detail about the UI:

https://docs.hortonworks.com/HDPDocuments/HCP1/HCP-1.5.0/bk_user-guide/content/using_alerts_table.ht...

I would recommend you to install Metron and try it.

Gonçalo

Thank you very much Gonçalo. We are actually in the setup process.