Glad to see this work being done!
Please feel free to reach out to Knox dev@ list for any assistance and
potentially review.

Only sort of related, I have been thinking about another integration
between Knox and Metron wherein possible threat details can be communicated
to Knox to take action on at authentication/authorization time.
Knox could also potentially push interesting events like possible brute
force login attempts to Metron.
Some bi-directional pub-sub model?

Thoughts?

On Thu, Jul 12, 2018 at 11:57 AM, Casey Stella <[EMAIL PROTECTED]> wrote: