I can’t recall us being ever able to get deidentified data from an implementation (yes, let’s make one more attempt!), but we may get them to try out what we accomplish here and have an incentive to collaborate further on that setup. It is why I think it is important to do it in Docker so it can be easily run by others on real data.
There are official docker images for the whole stack at elastic · GitHub with documentation so it shouldn’t be hard.
I’m very excited to hear your stories!
Has ever anyone evaluated how much it is in practice? I figure you can always limit to a year of observations and still find it useful.
@lluismf, how about @adamg will work on creating the docker setup and you take it from there… @adamg, would you be interested in creating docker-compose with RA 2.6 and ELK (full stack)?