Large-Scale Indicator Caches Built using Analysis Pipeline and the Elastic Stack
CARNEGIE-MELLON UNIV PITTSBURGH PA PITTSBURGH United States
Indicator caches make it quick and easy to find the presence of specific indicators such as IPs or domain names in flow traffic and later associate those cache records with full flow data to avoid expensive searches of the full repository. We tested an indicator cache system capable of processing 40 billion records per day.
- Computer Programming and Software