Chapter 1. Overview
This guide is intended for use by Security Operations Center (SOC) analysts and investigators.
This guide describes two user interfaces and a tool included with HCP that are designed for SOC analysts and investigators:
- Metron Dashboard
  - This user interface is for Elasticsearch users only. If you are using Solr, refer to the Solr documentation for information on the user interface.
  - A Kibana-based dashboard designed to identify, investigate, and analyze cybersecurity data. The Metron dashboard displays all of the data on a single dashboard, enabling you to filter through the irrelevant data and display just the information, alerts, and context for which you are looking.
  - Refer to the following chapters:
- Alerts User Interface
  - This GUI is a standalone user interface that connects to Solr or Elasticsearch to show the alerts, but also stores all other data in the browser cache.
  - Refer to the following chapter:
- pcap
  - The pcap data source can rapidly ingest raw data directly into HDFS from Kafka. As a result, you can store all of the raw packet capture data in HDFS and review or query it at a later date.
  - Refer to the following chapter:

