Cortex
veneur
Cortex | veneur |
---|---|
4 | 2 |
1,239 | 1,714 |
2.1% | 0.5% |
4.9 | 3.5 |
3 months ago | 29 days ago |
Scala | Go |
GNU Affero General Public License v3.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Cortex
-
Internal Threat Intel Database
TheHive Cortex might come in handy here: https://github.com/TheHive-Project/Cortex
-
Top 20 Open-source tools for every Blue Teamer
TheHive is a scalable 4-in-1 open source and free security incident response platform designed to make life easier for SOCs, CSIRTs, CERTs, and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. Thanks to Cortex, our powerful free and open-source analysis engine, you can analyze (and triage) observables at scale using more than 100 analyzers.
-
Looking for a web script dashboard solution
Basically, I am looking for something a bit like Cortex (screenshot), but for a generic and standalone use.
-
Launch HN: Opstrace (YC S19) – open-source Datadog
Thanks for the correction! You linked to the right Cortex, not to be confused with https://github.com/TheHive-Project/Cortex, haha. https://github.com/cortexproject/cortex is what we talk about. Naming is hard.
veneur
-
OpenTelemetry in 2023
This was the idea behind Stripe's Veneur project - spans, logs, and metrics all in the same format, "automatically" rolling up cardinality as needed - which I thought was cool but also that it would be very hard to get non-SRE developers on board with when I saw a talk about it a few years ago.
-
Launch HN: Opstrace (YC S19) – open-source Datadog
One pain point with Prometheus is that it has relatively weak support for quantiles, histograms, and sets[1]:
- Histograms require manually specifying the distribution of your data, which is time-consuming, lossy, and can introduce significant error bands around your quantile estimates.
- Quantiles calculated via the Prometheus "summary" feature are specific to a given host, and not aggregatable, which is almost never what you want (you normally want to see e.g. the 95th percentile value of request latency for all servers of a given type, or all servers within a region). Quantiles can be calculated from histograms instead, but that requires a well-specified histogram and can be expensive at query time.
- As far as I know, Prometheus doesn't have any explicit support for unique sets. You can compute this at query time, but persisting and then querying high-cardinality data in this way is expensive.
Understanding the distribution of your data (rather than just averages) is arguably the most important feature you want from a monitoring dashboard, so the weak support for quantiles is very limiting.
Veneur[2] addresses these use-cases for applications that use DogStatsD[3] by using clever data structures for approximate histograms[4] and approximate sets[5], but I believe its integration with Prometheus is limited and currently only one-way - there is a CLI app to poll Prometheus metrics and push them into Veneur, but there's no output sink for Veneur to write to Prometheus (or expose metrics for a Prometheus instance to poll).
It would be extremely useful to have something similar for Prometheus, either by integrating with Veneur or implementing those data structures as an extension to Prometheus.
[1] https://prometheus.io/docs/practices/histograms/
[2] https://github.com/stripe/veneur
[3] https://docs.datadoghq.com/developers/dogstatsd/
What are some alternatives?
IntelOwl - IntelOwl: manage your Threat Intelligence at scale
opstrace - The Open Source Observability Distribution
Kuiper - Digital Forensics Investigation Platform
cortex - A horizontally scalable, highly available, multi-tenant, long term Prometheus.
catalyst - Catalyst is an open source SOAR and ticket system that helps to automate alert handling and incident response processes
loki - Like Prometheus, but for logs.
dfir-orc - Forensics artefact collection tool for systems running Microsoft Windows
influxdb-apply - Define InfluxDB users and databases with a yaml file.
ThePhish - ThePhish: an automated phishing email analysis tool
b3-propagation - Repository that describes and sometimes implements B3 propagation
skywalking - APM, Application Performance Monitoring System