In Kicking Off the Apache Metron Tech Preview 1 Blog Series, we introduced the origins of the Apache Metron™ project. In Part 2, Apache Metron User Personas and Core Functional Themes, we covered how Metron helps organizations build capabilities in their people and processes to help bridge the cyber security talent gap.
In this third part of our series, we will provide an update on what the community has been developing over the past four months. Finally, we conclude by demonstrating how to start working with Apache Metron right now and join this rockstar community.
We are proud to announce that the culmination of the last four months of hard work is the first release of Apache Metron 0.1, which Hortonworks is releasing as Apache Metron Tech Preview 1 (Metron TP1).
Metron TP1 Features
The following are key capabilities available in Metron TP1 broken up across its four key functional themes.
The details of what’s in Metron Tech Preview 1 can be found in the following HCC Article Apache Metron TP 1.
How do I get Started?
You can spin up Metron TP1 in two ways:
- Ansible based Vagrant Single Node VM Install – This is a great place to start as an introduction to Apache Metron. Detailed installation instructions can be found in the Hortonworks Community Connection (HCC) Article: Apache Metron TP 1 Install Instructions – Single Node Vagrant Deployment
- Cloud-based install for a complete 10 Node Metron Cluster using Ambari Blueprints and AWS APIs – If you want a more realistic setup of the Metron app, you can install it on AWS. Keep in mind that this install will spin up 10 m4.xlarge EC2 instances by default. Detailed installation instructions can be found in the HCC: Apache Metron – First Steps in the Cloud
Where do I get Help?
Hortonworks has created a new Community Cybersecurity Track in HCC. Metron subject matter experts are answering questions and moderating the new Track for anything related to Apache Metron and Cybersecurity. When asking a question about Metron TP1, select “CyberSecurity” Track and add the following tags: “Metron” and “tech-preview”.
See below for more details:
Join the Apache Metron Community
This blog series should be getting you excited about the fantastic work the Apache Metron community is doing. Please consider joining a community of rockstars. If you are interested in joining, follow these eight simple steps:
- Subscribe to the Apache Metron user mailing list, user@metron.incubator.apache.org, by sending an email to user-subscribe@metron.incubator.apache.org with “subscribe” in the subject field. This mailing list is for questions about installation, issues you run into, general questions, etc.
- Subscribe to the Apache Metron dev mailing list, dev@metron.incubator.apache.org, by sending an email to dev-subscribe@metron.incubator.apache.org with “subscribe” in the subject field. This mailing list is for contributors who have questions about stuff like architecture or want to contribute.
- Introduce yourself on the user mailing list.
- Become familiar with the Metron code base: https://github.com/apache/incubator-metron
- Spin up Metron on a single node VM as described above.
- Join the Metron IRC Channel: apache-metron
- Set up your development environment using the following instructions: Metron Development Environment Setup Instructions
- Contribute!
How can you Contribute?
Here are some ideas:
- Do you work with security telemetry data and logs? The quickest way to contribute is to write parsers for different telemetry data sources. It will be helpful if you have access to sample logs emitted from these sources. Some of the security data source parsers needed for ingestion into Metron are: FireEye, Cisco ISE, Lancope, SourceFire, CarbonBlack, BlueCoat, Active Directory, Palo Alto Network, etc. The following provides more details: Parser Component
- Are you SOC personnel, a designer, or a UI developer? Over the next couple of releases of Metron, we want to focus on building a next generation UI for Metron used by the SOC analyst and investigator. If this interests you, join the weekly Metron UI community meeting. Details can be found here.
- Are you familiar with Storm, Kafka, Solr/Elastic, Hadoop, Kibana? Help us continue to harden and enhance the core Metron platform.
- Are you a data scientist with some Security domain expertise? Join the community to help build out the analytics packs and models using Spark, Python, sci-kit, Jupyter notebooks, etc.
- Are you just a rockstar developer? Join the Apache Metron community and contribute to the areas that interest you.
More Details on HCC
To get more details about Apache Metron 0.1, including the Apache Jiras, continue to the Apache Metron Tech Preview 1 article in the Hortonworks Community Connection (HCC).
Enjoy exploring Metron TP1!
Apache Metron and its logo are trademarks of the Apache Software Foundation. All other trademarks are the property of their respective owners.
About the Authors
Bio: George Vetticaden is a Principal Architect at Hortonworks, Senior Product Owner/Manager for Metron/CyberSecurity, and committer on the Apache Metron project. Over the last 4 years at Hortonworks, George has spent time in the field with enterprise customers helping them build big data solutions on top of Hadoop. In his previous role at Hortonworks, George was the Director of Solutions Engineering where he led a team of 15 Big Data Senior Solution Architects helping large enterprise customers from use case inception, design, and architecture through to implementation of use cases monetizing data with Hadoop. George graduated from Trinity University with a BA in Computer Science.
(LinkedIn Profile: https://www.linkedin.com/in/georgevetticaden)
Bio: James Sirota is Director of Security Solutions at Hortonworks and committer on the Apache Metron project. Previously James was the Chief Data Scientist at Cisco focused on Big Data security analytics, and spearheaded OpenSOC. His primary expertise is in the design and implementation of Big Data platforms on top of Hadoop, MapReduce, Yarn, Storm, Kafka, Elastic Search and Flume. James holds a Data Science degree, a Master’s in Computer Engineering and is a licensed information security professional.
(LinkedIn Profile: https://www.linkedin.com/in/jsirota)
The post Apache Metron Tech Preview 1 – Come and Get It! appeared first on Hortonworks.