Github user ctramnitz commented on the issue:
https://github.com/apache/metron/pull/579
@ottobackwards Where is the regression? If a user used the parser
previously with a full syslog header it will continue to work the same way. The
result will be the same odd domain field "<syslog header>, 1" instead of "1".
The parser hasn't changed, only the test which expects just the message now.
And since the test was non-functional before (it was never invoked), this
cannot be regression either.
The only thing that has changed is some field names, but since this was
utterly broken before, i.e.
BasicPaloAltoFirewallParser.java line 84++
```
- public static final String Bytes = "content_type";
- public static final String BytesSent = "content_type";
- public static final String BytesReceived = "content_type";
- public static final String Packets = "content_type";
- public static final String StartTime = "content_type";
- public static final String ElapsedTimeInSec = "content_type";
- public static final String Padding = "content_type";
```
I wouldn't call this a regression, it may be worth a note though.
---
