Accession Number:

AD1022300

Title:

Accumulo/Hadoop, MongoDB, and Elasticsearch Performance for Semi Structured Intrusion Detection (IDS) Data

Descriptive Note:

Technical Report, 01 Jan 2016, 01 Aug 2016

Corporate Author:

ICF, Inc. Columbia United States

Personal Author(s):

Report Date:

2016-11-01

Pagination or Media Count:

44.0

Abstract:

NoSQL data stores are highly recognized for their ability to easily scale and store vast amounts of information. When considering converting to a NoSQL data store, a fact-based analysis should be applied to address the issues inherent in such an architectural-based, critical, core component change. As such, we evaluate Hadoop, MongoDB, and Elasticsearch as a replacement for data stored in a custom intrusion detection system infrastructure. In this type of environment, the number of records is voluminous, the records contain semi-structured data of varying data types, and both across-the-board analytics and surgical queries must be supported.

Subject Categories:

  • Information Science
  • Computer Systems Management and Standards

Distribution Statement:

APPROVED FOR PUBLIC RELEASE