- Technical Reports
- ARL-CR-0809 - Accumulo/Hadoop, MongoDB, and Elasticsearch Performance...
Accumulo/Hadoop, MongoDB, and Elasticsearch Performance for Semi-Structured Intrusion Detection (IDS) Data
|Authors:||Ralph P Ritchey|
|Date/Pages:||November 2016; 44 pages|
|Abstract:||NoSQL data stores are highly recognized for their ability to easily scale and store vast amounts of information. When considering converting to a NoSQL data store, a fact-based analysis should be applied to address the issues inherent in such an architectural-based, critical, core component change. As such, we evaluate Hadoop, MongoDB, and Elasticsearch as a replacement for data stored in a custom intrusion detection system infrastructure. In this type of environment, the number of records is voluminous, the records contain semi-structured data of varying data types, and both across-the-board analytics and surgical queries must be supported.|
|Distribution:||Approved for public release|
Download Report ( 0.415 MBytes )
If you are visually impaired or need a physical copy of this report, please visit and contact DTIC.