Not quite ready for prime-time, we have been testing our home-grown UNIX domain socket adapter using Coral8 Java APIs. We are using this adapter to evaluate and demonstrate stream processing with intrusion detection systems (IDS) using event stream processing to reduce false alarms, detect derived situations from the raw intrusion event data, and feed a security management visualization dashboard.
You can click on the teaser image below to see more of our first IDS screenshots from Coral8’s Studio stream visualization tool.
If you click on the image above, you will four additional event stream properties. For this part of the demo, there are 14 total IDS properties in the event stream, but we only show 5 properties in this cropped screen capture.
I am quite sure that we could do similar integration with other event stream processing engines, but fortunately Coral8 makes it easy to download, start developing and testing.