Elkeid HUB is a rule/event processing engine maintained by the Elkeid Team. It supports streaming and offline data processing (offline processing is not yet supported by the community edition). It was originally built to handle complex data/event processing and linkage with external systems through standardized rules.
- INPUT: data input layer; the community edition only supports Kafka.
- RULEENGINE/RULESET: core components for data detection/external data linkage/data processing.
- OUTPUT: data output layer; the community edition only supports Kafka/ES.
- SMITH_DSL: used to describe the data flow relationship.

Simple HIDS
IDS Like Scenarios
Multiple input and output scenarios
Ability List | Elkeid Community Edition | Elkeid Enterprise Edition |
---|---|---|
Streaming data processing | :white_check_mark: | :white_check_mark: |
Data input, output capability | :white_check_mark: | :white_check_mark: |
Full frontend support | :white_check_mark: | :white_check_mark: |
Monitoring capability | :white_check_mark: | :white_check_mark: |
Plugin support | :white_check_mark: | :white_check_mark: |
Debug support | :white_check_mark: | :white_check_mark: |
Offline data processing | :ng_man: | :white_check_mark: |
Data Persistence capability | :ng_man: | :white_check_mark: |
Workspace | :ng_man: | :white_check_mark: |
Cluster mode | :ng_man: | :white_check_mark: |
Online upgrade strategy | :ng_man: | :white_check_mark: |
Overview
Edit Rule
Edit HUB Project
Edit HUB Python Plugin
Submission Rules
(Needs to be used with Elkeid)