Metron Community: Happy New Year. I’m happy to announce the release of Metron 0.4.2. A great deal of work from across the community went into this, with over 100 enhancements, improvements, and bug fixes since 0.4.1. Thanks to all contributors, and may all users enjoy the new features!
This release also includes the first official release of the apache-metron-bro-plugin-kafka, version 0.1. Details: The official release source code tarballs may be obtained at any of the mirrors listed in http://www.apache.org/dyn/closer.cgi/metron/0.4.2/ As usual, the secure signatures and confirming hashes may be obtained at https://dist.apache.org/repos/dist/release/metron/0.4.2/ The release branches in github are https://github.com/apache/metron/tree/Metron_0.4.2 (tag apache-metron-0.4.2-release) https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1) The release doc book is at http://metron.apache.org/current-book/index.html The Apache Metron web site at http://metron.apache.org/ has been updated; please refresh your web browser cache if the new links do not immediately appear. Change lists and Release Notes may be obtained at the same locations as the tarballs. For your reading pleasure, the change list is appended to this message. Best regards, --Matt Foley release manager Metron CHANGES (in reverse chron order): METRON-1373 RAT failure for metron-interface/metron-alerts (mattf-horton) closes apache/metron#875 METRON-1313 Update metron-deployment to use bro-pkg to install the kafka plugin (JonZeolla) closes apache/metron#847 METRON-1346 Add new PMC members to web site (ottobackwards) closes apache/metron#860 METRON-1336 Patching Can Result in Bad Configuration (nickwallen) closes apache/metron#851 METRON-1335 Install metron-maas-service RPM as a part of the full-dev deployment (anandsubbu via ottobackwards) closes apache/metron#850 METRON-1308 Fix Metron Documentation (JonZeolla) closes apache/metron#836 METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen) closes apache/metron#855 METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet) closes apache/metron#823 METRON-1334 Add C++11 Compliance Check to platform-info.sh (nickwallen) closes apache/metron#849 METRON-1277 Add match statement to Stellar language closes apache/incubator-metron#814 METRON-1239 Drop extra dev environments (nickwallen) closes apache/metron#852 METRON-1328 Enhance platform-info.sh script to check if docker daemon is running (anandsubbu via nickwallen) closes apache/metron#846 METRON-1333 Ansible-Docker can no longer build metron (ottobackwards) closes apache/metron#848 METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra via nickwallen) closes apache/metron#803 METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen) closes apache/metron#841 METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844 METRON-1319 Column Metadata REST service should use default indices on empty input (merrimanr) closes apache/metron#843 METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices (nickwallen) closes apache/metron#845 METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters Some Records (nickwallen) closes apache/metron#832 METRON-1294 IP addresses are not formatted correctly in facet and group results (merrimanr) closes apache/metron#827 METRON-1291 Kafka produce REST endpoint does not work in a Kerberized cluster (merrimanr) closes apache/metron#826 METRON-1290 Only first 10 alerts are update when a MetaAlert status is changed to inactive (justinleet) closes apache/metron#842 METRON-1311 Service Check Should Check Elasticsearch Index Templates (nickwallen) closes apache/metron#839 METRON-1289 Alert fields are lost when a MetaAlert is created (merrimanr) closes apache/metron#824 METRON-1309 Change metron-deployment to pull the plugin from apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837 METRON-1310 Template Delete Action Deletes Search Indices (nickwallen) closes apache/metron#838 METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833 METRON-1295 Unable to Configure Logging for REST API (nickwallen) closes apache/metron#828 METRON-1307 Force install of java8 since java9 does not appear to work with the scripts (brianhurley via ottobackwards) closes apache/metron#835 METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via cestella) closes apache/incubator-metron#829 METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr) closes apache/metron#821 METRON-1287 Full Dev Fails When Installing EPEL Repository (nickwallen) closes apache/metron#820 METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page (iraghumitra via merrimanr) closes apache/metron#819 METRON-1283 Install Elasticsearch template as a part of the mpack startup scripts (anandsubbu via nickwallen) closes apache/metron#817 METRON-1254 Conditionals as map keys do not function in Stellar closes apache/incubator-metron#801 METRON-1261 Apply bro security patch (JonZeolla via ottobackwards) closes apache/metron#805 METRON-1284 Remove extraneous dead query in ElasticsearchDao (justinleet) closes apache/metron#818 METRON-1270 fix for warnings missing @return tag argument in metron-analytics/metron-profiler-common and metron-profiler-client closes apache/incubator-metron#810 METRON-1272 Hide child alerts from searches and grouping if they belong to meta alerts (justinleet) closes apache/metron#811 METRON-1224 Add time range selection to search control (iraghumitra via james-sirota) closes apache/metron#796 METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via justinleet) closes apache/metron#816 METRON-1243 Add a REST endpoint which allows us to get a list of all indice closes apache/incubator-metron#797 METRON-1196 Increment master version number to 0.4.2 for on-going development (mattf-horton) closes apache/metron#767 METRON-1278 Strip "Build Status" widget from root README.md in site-book build (mattf-horton) closes apache/metron#815 METRON-1274 Master has failure in StormControllerIntegrationTest (merrimanr) closes apache/metron#813 METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes apache/metron#809 METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen) closes apache/metron#804 METRON-1251 Typo and formatting fixes for metron-rest README closes apache/incubator-metron#800 METRON-1241 Enable the REST API to use a cache for the zookeeper config similar to the Bolts closes apache/incubator-metron#795 METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page (merrimanr) closes apache/metron#808 METRON-1262 Unable to add comment for a alert in a meta-alert (merrimanr) closes apache/metron#806 METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via nickwallen) closes apache/metron#807 METRON-1255 MetaAlert search is not filtering on status (merrimanr) closes apache/metron#802 METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes apache/metron#799 METRON-1237 address javadoc warnings in metron-maas-common (dbist via james-sirota) closes apache/metron#792 METRON-1240 address javadoc warnings in metron-platform and metron-analytics (dbist via james-sirota) closes apache/metron#794 METRON-1226 Searching Can Errantly Query the Wrong Indices (nickwallen) closes apache/metron#793 METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes apache/metron#682 METRON-1123 Add group by option using faceted search capabilities of metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768 METRON-1223 Add support to add comments for alerts (iraghumitra via james-sirota) closes apache/metron#788 METRON-1083 Add filters using faceted search capabilities of metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710 METRON-1232 Alert status changes are not reflected in list view (iraghumitra via merrimanr) closes apache/metron#787 METRON-1247 REST search and findOne endpoints return unexpected or incorrect results for guids (justinleet) closes apache/metron#798 METRON-1235 Document the properties pulled from the global configuration closes apache/incubator-metron#791 METRON-1234 fix for WARNING 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique: org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes apache/metron#790 METRON-1222 fix warning for The expression ${parent.version} is deprecated. Please use ${project.parent.version} instead. (dbist via mmiklavc) closes apache/metron#782 METRON-1220 Create documentation around alert nested field (justinleet) closes apache/metron#780 METRON-1229 Management UI type is part of the declarations of 2 modules (merrimanr) closes apache/metron#784 METRON-1228 Configuration Management PUSH immediately does DUMP after (mmiklavc via mmiklavc) closes apache/metron#783 METRON-1218 Metron REST should return better error messages (merrimanr) closes apache/metron#779 METRON-1161 Add ability to edit parser command line options in the management UI (merrimanr) closes apache/metron#737 METRON-1209 Make stellar repl take logging properties, like other CLI apps in metron closes apache/incubator-metron#772 METRON-1059 address checkstyle warning AvoidStarImport in metron-stellar (dbist via ottobackwards) closes apache/metron#664 METRON-1204 UI does not time out after being idle, but stops functioning (merrimanr) closes apache/metron#771 METRON-1052 Add forensic similarity hash functions to Stellar closes apache/incubator-metron#781 METRON-632 Added validation of "shew.enrichmentType" and "shew.keyColumns" closes apache/incubator-metron#732 METRON-1194 Add Profiler Debug Functions to Profiler README (nickwallen via ottobackwards) closes apache/metron#765 METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6 updates (lvets via ottobackwards) closes apache/metron#661 METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes apache/metron#681 METRON-1085 Add REST endpoint to save a user profile for the Alerts UI (merrimanr) closes apache/metron#694 METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778 METRON-1207 Make RPMs for Alerts UI (merrimanr) closes apache/metron#777 METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes apache/metron#776 METRON-1206 Make alerts UI conform to ops UI for install (merrimanr) closes apache/metron#773 METRON-1195 Meta alerts improperly handle updates to non-alert fields (justinleet) closes apache/metron#766 METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes apache/metron#762 METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen) closes apache/metron#733 METRON-1198 Pycapa - No such configuration property 'sasl.kerberos.principal' (nickwallen) closes apache/metron#769 METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet) closes apache/metron#770 METRON-938 "service metron-rest start <password>" does not work on CentOS 7. (justinleet) closes apache/metron#757 METRON-1182 Refactor Code in alert list to accommodate new view types (iraghumitra via merrimanr) closes apache/metron#756 METRON-1188 Ambari global configuration management (mmiklavc) closes apache/metron#760 METRON-1191 update public web site to point at 0.4.1 new release (mattf-horton) closes apache/metron#764 METRON-1063 address javadoc warnings in metron-stellar (dbist via ottobackwards) closes apache/metron#668 METRON-1190 Fix Meta Alert Type handling in calculation of scores (justinleet) closes apache/metron#763 METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly (nickwallen) closes apache/metron#759 METRON-1185 Stellar REPL does not work on a kerberized cluster when calling functions interacting with HBase closes apache/incubator-metron#755 METRON-1186 Profiler Functions use classutils from shaded storm closes apache/incubator-metron#758 METRON-1173 Fix pointers to old stellar docs closes apache/incubator-metron#746 METRON-1179 Make STATS_ADD to take a list closes apache/incubator-metron#750 METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list and not require a port closes apache/incubator-metron#751 METRON-1183 Improve KDC Setup Instructions (nickwallen) closes apache/metron#753 METRON-1177 Stale running topologies seen post-kerberization and cause exceptions (nickwallen) closes apache/metron#748 METRON-1158 Build backend for grouping alerts into meta alerts (justinleet) closes apache/metron#734 METRON-1146 Add ability to parse JSON string into JSONObject for stellar closes apache/incubator-metron#727 METRON-1176 REST: HDFS Service should support setting permissions on files when writing (ottobackwards) closes apache/metron#749 METRON-1114 Add group by capabilities to search REST endpoint (merrimanr) closes apache/metron#702 METRON-1167 Define Session Specific Global Configuration Values in the REPL (nickwallen) closes apache/metron#740 METRON-1171 Better validation for the SUBSTRING stellar function closes apache/incubator-metron#745 CHANGES.bro-plugin: METRON-1329 Simplify metron-bro-plugin-kafka package loading (JonZeolla) closes apache/metron-bro-plugin-kafka#4 METRON-813 Migrate metron-bro-plugin-kafka to be a bro package (JonZeolla) closes apache/metron-bro-plugin-kafka#3 METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes apache/metron-bro-plugin-kafka#1 METRON-1173 Fix pointers to old stellar docs closes apache/incubator-metron#746 METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes apache/metron#547 METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins (nickwallen) closes apache/incubator-metron#545 METRON-867 In the event that we graduate, remove incubating from the website and documentation closes apache/incubator-metron#539 METRON-823 bro-plugin-kafka/README.md has Markdown usages not compatible with site-book closes apache/incubator-metron#511 METRON-812 Make the bro-kafka plugin work with kerberos this closes apache/incubator-metron#501 METRON-108 Create Fast Packet Capture Process (nickwallen) closes apache/incubator-metron#73
