Bug#913592: ITP: fever -- fast, extensible, versatile event router for Suricata's EVE-JSON format




Package: wnpp
Severity: wishlist
Owner: Sascha Steinbiss <satta@xxxxxxxxxx>

* Package name    : fever
  Version         : 1.0
  Upstream Author : DCSO GmbH
* URL             : https://github.com/DCSO/fever
* License         : BSD-3-clause
  Programming Lang: Go
  Description     : fast, extensible, versatile event router for
Suricata's EVE-JSON format

The Fast, Extensible, Versatile Event Router (FEVER) is a tool for fast
processing of events from Suricata's JSON EVE output. What is meant by
'processing' is defined by a number of modular components, for example
facilitating fast ingestion into a database. Other processors implement
collection, aggregation and forwarding of various metadata (e.g.
aggregated and raw flows, passive DNS data, etc.) as well as performance
metrics.

It is meant to be used in front of (or as a replacement for)
general-purpose log processors like Logstash to increase event
throughput as observed on sensors that see a lot of traffic.