OpenSOC: Open Source Big Data Security Analytics Framework

OpenSOC is a Big Data security analytics framework designed to consume and monitor network traffic and machine exhaust data of a data center. OpenSOC is extensible and is designed to work at a massive scale. 

The framework provides the following capabilities:

  • Extensible spouts and parsers for attaching OpenSOC to any telemetry source
  • Extensible enrichment framework for any telemetry stream
  • Anomaly detection and real-time rules-based alerts for any telemetry stream
  • Hadoop-backed storage for telemetry streams with a customizable retention time
  • Automated real-time indexing for telemetry streams backed by Elasticsearch
  • Telemetry correlation and SQL query capability for data stored in Hadoop backed by Hive
  • ODBC/JDBC compatibility and integration with existing analytics tools
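To make the first three capabilities concrete, here is an added example of the parse, enrich and rules-based alert stages run over a few telemetry lines. It is not OpenSOC code: OpenSOC implements these stages as Storm spouts and bolts in Java, whereas this stand-in uses plain Python functions so the data flow can be run offline. The sample lines, the threat-intel and GeoIP tables, and the two rules are all constructed for the example.

```python
"""Added example (not OpenSOC code): a minimal parse -> enrich -> alert
pipeline over constructed telemetry, mirroring the stage layout OpenSOC
runs as Storm spouts and bolts."""
from __future__ import annotations

import json
import re

# Constructed sample telemetry: two Bro-style conn records (JSON) and one syslog line.
SAMPLE_TELEMETRY = [
    '{"ts": 1410000000.1, "id.orig_h": "10.0.0.5", "id.resp_h": "203.0.113.7", '
    '"id.resp_p": 4444, "proto": "tcp"}',
    '{"ts": 1410000001.2, "id.orig_h": "10.0.0.9", "id.resp_h": "198.51.100.3", '
    '"id.resp_p": 443, "proto": "tcp"}',
    "Sep  6 12:00:03 host1 sshd[123]: Failed password for root from 192.0.2.44 port 5555 ssh2",
]

# Constructed enrichment tables, standing in for threat-intel and GeoIP sources.
THREAT_INTEL = {"203.0.113.7": "known-c2"}
GEO = {"203.0.113.7": "XX", "198.51.100.3": "US", "192.0.2.44": "ZZ"}

SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) (?P<host>\S+) (?P<prog>\w+)\[\d+\]: (?P<msg>.*)$"
)
SSH_FAIL_RE = re.compile(r"Failed password for (?P<user>\S+) from (?P<src>[\d.]+)")


def parse(line: str) -> dict | None:
    """Parser stage: normalise one raw line into a common event dict (None if unknown)."""
    if line.startswith("{"):
        rec = json.loads(line)
        return {
            "source": "bro_conn",
            "timestamp": rec["ts"],
            "src_ip": rec["id.orig_h"],
            "dst_ip": rec["id.resp_h"],
            "dst_port": rec.get("id.resp_p"),
        }
    m = SYSLOG_RE.match(line)
    if m is None:
        return None  # unrecognised format: drop it rather than guess at fields
    event = {
        "source": "syslog",
        "timestamp": m["ts"],
        "host": m["host"],
        "program": m["prog"],
        "message": m["msg"],
    }
    f = SSH_FAIL_RE.search(m["msg"])
    if f:
        event["src_ip"] = f["src"]
        event["user"] = f["user"]
    return event


def enrich(event: dict) -> dict:
    """Enrichment stage: attach threat-intel and country tags to any IP field present."""
    out = dict(event)
    for key in ("src_ip", "dst_ip"):
        ip = event.get(key)
        if ip is None:
            continue
        if ip in THREAT_INTEL:
            out[f"{key}.threat"] = THREAT_INTEL[ip]
        if ip in GEO:
            out[f"{key}.country"] = GEO[ip]
    return out


# Rules stage: (name, predicate over an enriched event). Both rules are constructed.
RULES = [
    ("outbound-to-known-c2", lambda e: "dst_ip.threat" in e),
    ("ssh-root-failure", lambda e: e.get("program") == "sshd"
     and e.get("user") == "root" and "Failed password" in e.get("message", "")),
]


def evaluate(event: dict) -> list[str]:
    """Return the names of all rules that fire on this event."""
    return [name for name, pred in RULES if pred(event)]


def run_pipeline(lines: list[str]) -> tuple[list[dict], list[dict]]:
    """Run parse -> enrich -> evaluate over raw lines; return (events, alerts)."""
    events, alerts = [], []
    for line in lines:
        ev = parse(line)
        if ev is None:
            continue
        ev = enrich(ev)
        events.append(ev)
        for name in evaluate(ev):
            alerts.append({"rule": name, "timestamp": ev["timestamp"],
                           "src_ip": ev.get("src_ip"), "dst_ip": ev.get("dst_ip")})
    return events, alerts


if __name__ == "__main__":
    evs, als = run_pipeline(SAMPLE_TELEMETRY)
    for a in als:
        print(json.dumps(a))
```

In a real deployment each stage is a separate bolt so that parsing, enrichment lookups and rule evaluation scale independently; the enriched events, not just the alerts, are what get written to Hadoop and indexed into Elasticsearch, which is why the enrichment stage returns a copy with extra fields rather than a verdict.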