Coordinator – EHT
Participants – FHG, NIC, TLB, IMT, NRD, CEA, TLB.
The objective of the WP4 is to develop and publish IDMEFv2 open-source tools and preprod SIEM prototype. The development of the open-source SIEM has multiple objectives. a) it will help validate the theory of IDMEFv2 with real implementation , b) it will serve as “running code” for IETF to prove the format is useable, c) it will be used on WP7 for the simulator and WP8 for the pilots and d) by being published as open-source it will promote the format and strengthened the dissemination.
The following tasks are set:
All the code and programs developed in WP4 will be published with open-source licence on the project GitHub and these publications will be announced through the project communication medias (website, mailing list, social network, etc). The SIEM tools will re-used existing open-source SIEM component but will be adapted to state-of-art technologies: Kakfa broker for the alerts transport, NoSQL database storage, web 4.0 interface, Logstash parsing for the logs, etc.
Deliverables: