Hortonworks Cybersecurity Platform
Also available as:
PDF
loading table of contents...

Adding a New Telemetry Data Source

Part of customizing your Hortonworks Cybersecurity Platform (HCP) configuration is adding a new telemetry data source. Before HCP can process the information from your new telemetry data source, you must use one of the telemetry data collectors to ingest the information into the telemetry ingest buffer. Information moves from the data ingest buffer into the Apache Metron real-time processing security engine, where it is parsed, enriched, triaged, and indexed. Finally, certain telemetry events can initiate alerts that can be assessed in the Metron dashboard.

To add a new telemetry data source, you must first meet certain prerequisites, and then perform the following tasks:

  1. Stream data into HCP
  2. Create a parser for your new data source
  3. Verify that events are indexed