idaholab / Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
https://idaholab.github.io/Malcolm/

deeper NetBox integration #131

Closed mmguero closed 11 months ago

mmguero commented 1 year ago

This issue is a meta-issue that will depend on other issues I'll log tracking the design, development and features related to how Malcolm will use NetBox (documentation, GitHub, site), particularly regarding interactions between NetBox's model of the network and Malcolm's network traffic metadata (collected from Zeek, Arkime, Suricata, etc.).

This feature is going to be broken down into (at least) the following sub-features. Some of these may end up being unfeasible, may be replaced or further broken down, or may be changed, but at the moment the ideas floating around are:

  1. #132
  2. #133
  3. #134
  4. #135
  5. #136

Each of these is a substantial piece of work. Development will be done incrementally and released as functionality is added.

mmguero commented 11 months ago

Now that NetBox is in place and has been released for a while, I'm going to close this meta-bug in favor of just tracking separate issues with NetBox individually.