Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hone data hostname #3

Open
mikeiannacone opened this issue Mar 18, 2015 · 0 comments
Open

Hone data hostname #3

mikeiannacone opened this issue Mar 18, 2015 · 0 comments

Comments

@mikeiannacone
Copy link
Member

When hone data is sent to the extractors, no hostname is specified, which means the flows and process info cannot be associated with their host. (This cannot be done using the src/dest addresses, because there is not a good way to determine which of these addresses belong to the machine the data was collected on.)

The options for including this seem to be:

  • Include a hostname column in the CSV. This could come from the PcapNg metadata, described in their documentation
  • Include a hostname as additional metadata when sending the message to rt. This could come from the config info for the collectors.

Both seem like reasonable approaches from my end, and there are probably others that would work just as well.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mikeiannacone