Either is fine with me. If it's x.y in some parts of the app I prefer to keep it consistent throughout, but I'm also fine with lining up with Apache/Metron where we can.
I also refreshed myself on why we avoided x.y.z initially and it was actually for this exact reason, we wanted consistent versioning throughout a repo. This issue is with the bro plugins themselves, not bro-pkg, so I submit a JIRA <https://bro-tracker.atlassian.net/browse/BIT-1985>. Jon On Wed, Sep 5, 2018, 21:51 Justin Leet <justinjl...@gmail.com> wrote: > Makes sense. Do we have any objection to just going to the artifact being > 0.2? Or do we want to keep the mixed versioning and just live with it, at > least for now? > > On Wed, Sep 5, 2018 at 8:58 PM zeo...@gmail.com <zeo...@gmail.com> wrote: > > > I think mattf-horton just did that as a part of convention. He handled > > that part, and I did the 0.1 tagging (as a prereq to this > > < > > > https://github.com/apache/metron/commit/2e78df67c12a6fcad726551128e9753ad36d5ee9#diff-8e3bdd364219306b1fad91047208e6e4R30 > > >) > > last time the package was released. > > > > Jon > > > > On Wed, Sep 5, 2018 at 8:28 PM Justin Leet <justinjl...@gmail.com> > wrote: > > > > > Any idea why we released it as 0.1.0 in the artifacts version? I'm > fine > > > with doing x.y if we need to, but I would like the artifact versioning > to > > > be consistent if possible. > > > > > > On Wed, Sep 5, 2018 at 8:26 PM zeo...@gmail.com <zeo...@gmail.com> > > wrote: > > > > > > > I lied, we didn't need to update our btests because it's limited to a > > > major > > > > and minor version. > > > > > > > > > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/src/Plugin.cc#L33-L34 > > > > > > > > Jon > > > > > > > > On Wed, Sep 5, 2018 at 8:10 PM zeo...@gmail.com <zeo...@gmail.com> > > > wrote: > > > > > > > > > I looked into x.y.z back when we released 0.1 and it was not > possible > > > in > > > > > bro-pkg at the time but now it is > > > > > <https://github.com/bro/package-manager/issues/32>. In order to > do > > > > this, > > > > > we'll also need to configure bro-pkg.meta to require the proper > > version > > > > of > > > > > bro-pkg, as well as update the btests for the new version string. > I > > > will > > > > > throw together a JIRA and PR to do all this in case we decide to > > align > > > > with > > > > > x.y.z; we can trash it if we decide to stay with x.y. > > > > > > > > > > Jon > > > > > > > > > > On Wed, Sep 5, 2018 at 7:35 PM Justin Leet <justinjl...@gmail.com> > > > > wrote: > > > > > > > > > >> Long story short, while preparing the release candidate, I > > discovered > > > > our > > > > >> metron-bro-plugin-kafka is inconsistently versioned. > > > > >> > > > > >> In the repo, it's x.y (e.g. 0.2) > > > > >> See: > > > > >> > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/VERSION#L18 > > > > >> > > > > >> In our released artifact, it's x.y.z (e.g. 0.1.0) > > > > >> See http://archive.apache.org/dist/metron/0.4.2/ > > > > >> > > > > >> Going forward from this release, I'd like the artifact to be > > > consistent > > > > >> with the repo. I'd personally prefer x.y.z to be entirely > > consistent > > > > >> throughout Metron, but if there's a particular reason why it was > x.y > > > I'm > > > > >> happy to entertain it. > > > > >> > > > > >> If we choose to move to x.y.z, I can provide a PR to update the > > > version > > > > to > > > > >> 0.2.0 unless someone else wants to volunteer. Otherwise, I'd like > to > > > > >> release the artifact as apache-metron-bro-plugin-kafka_0.2.tar.gz > > > > >> > > > > >> Justin > > > > >> > > > > >> On Tue, Sep 4, 2018 at 12:15 PM Justin Leet < > justinjl...@gmail.com> > > > > >> wrote: > > > > >> > > > > >> > As an update, I'll be working on starting the release process > > > rolling > > > > >> > today. The PCAP Query panel feature branch is in master and I > > > haven't > > > > >> heard > > > > >> > of any other potential blockers. I'd appreciate everyone > updating > > > > their > > > > >> > JIRAs with their state (complete, etc.) and version (0.6.0) as > > > needed. > > > > >> > > > > > >> > Do we have anything that needs to go into the UPGRADING.md file? > > > > >> > > > > > >> > A PR is out for updating the version from 0.5.1 to 0.6.0. Please > > see > > > > >> > https://github.com/apache/metron/pull/1183. I still need to > spin > > up > > > > >> full > > > > >> > dev etc. before this is ready to be merged. > > > > >> > > > > > >> > Updated list of PRs that have made it into master as of Sept 4, > > 2018 > > > > >> > > > > > >> > 6 days ago METRON-1751 Storm Profiler dies when consuming null > > > message > > > > >> > (nickwallen) closes apache/metron#1176 > > > > >> > 6 days ago METRON-1757 Storm Profiler Serialization Exception > > > > >> (nickwallen) > > > > >> > closes apache/metron#1178 > > > > >> > 6 days ago METRON-1743 CEF testPaloAltoCEF test using a > confusing > > > > >> variable > > > > >> > name (JonZeolla via justinleet) closes apache/metron#1173 > > > > >> > 8 days ago METRON-1752 Prevent package.lock from changing during > > > build > > > > >> > (sardell via merrimanr) closes apache/metron#1177 > > > > >> > 8 days ago METRON-1724 Date/time validation missing in PCAP > query > > > > >> (tiborm > > > > >> > via nickwallen) closes apache/metron#1172 > > > > >> > 3 weeks ago METRON-1554 Pcap Query Panel (merrimanr) closes > > > > >> > apache/metron#1169 > > > > >> > 3 weeks ago METRON-1739 UDP packets are not handled (merrimanr) > > > closes > > > > >> > apache/metron#1168 > > > > >> > 3 weeks ago METRON-1727: Alerts are not populated on the alerts > UI > > > > after > > > > >> > enabling X-pack for Elastic search (MohanDV via mmiklavc) closes > > > > >> > apache/metron#1141 > > > > >> > 3 weeks ago METRON-1738: Pcap directories should have correct > > > > >> permissions > > > > >> > (merrimanr via mmiklavc) closes apache/metron#1166 > > > > >> > 3 weeks ago METRON-1737: Document Job cleanup (merrimanr via > > > mmiklavc) > > > > >> > closes apache/metron#1164 > > > > >> > 3 weeks ago METRON-1732: Fix job status liveness bug and > > parallelize > > > > >> > finalizer file writing (mmiklavc via mmiklavc) closes > > > > apache/metron#1157 > > > > >> > 3 weeks ago METRON-1735 Empty print status option causes NPE > > > > (merrimanr) > > > > >> > closes apache/metron#1160 > > > > >> > 3 weeks ago METRON-1733 PCAP UI - PCAP queries don't work > on > > > > Safari > > > > >> > (sardell via merrimanr) closes apache/metron#1158 > > > > >> > 3 weeks ago METRON-1734 Src and Dst port filters are incorrect > > after > > > > >> > changing to empty (merrimanr) closes apache/metron#1159 > > > > >> > 4 weeks ago METRON-1725 Add ability to specify YARN queue for > pcap > > > > jobs > > > > >> > (merrimanr) closes apache/metron#1153 > > > > >> > 4 weeks ago METRON-1731: PCAP - Escape colons in output dir > names > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1155 > > > > >> > 4 weeks ago METRON-1702 Reload a running job in the UI > (merrimanr) > > > > >> closes > > > > >> > apache/metron#1156 > > > > >> > 4 weeks ago METRON-1722 PcapCLI should print progress to stdout > > > > >> > (merrimanr) closes apache/metron#1138 > > > > >> > 4 weeks ago Merge branch 'master' into > > > > >> feature/METRON-1554-pcap-query-panel > > > > >> > 4 weeks ago METRON-1728: Handle null values in config in Pcap > > > backend > > > > >> more > > > > >> > gracefully (mmiklavc via mmiklavc) closes apache/metron#1151 > > > > >> > 4 weeks ago METRON-1730: Update steps to run pycapa on Centos 6 > > > > >> (mmiklavc > > > > >> > via mmiklavc) closes apache/metron#1152 > > > > >> > 4 weeks ago METRON-1713 PCAP UI - Add a way to kill a pcap job > > > (tiborm > > > > >> via > > > > >> > merrimanr) closes apache/metron#1143 > > > > >> > 4 weeks ago METRON-1723 PCAP UI - Unable to select/copy from > > packets > > > > >> > details in PCAP query panel (sardell via merrimanr) closes > > > > >> > apache/metron#1139 > > > > >> > 4 weeks ago METRON-1712 PCAP UI - Input validation (tiborm via > > > > >> merrimanr) > > > > >> > closes apache/metron#1142 > > > > >> > 4 weeks ago METRON-1720 Better error messages when there are no > > > > results > > > > >> or > > > > >> > wireshark is not installed (merrimanr) closes apache/metron#1154 > > > > >> > 4 weeks ago METRON-1726: Refactor PcapTopologyIntegrationTest > > > > (mmiklavc > > > > >> > via mmiklavc) closes apache/metron#1140 > > > > >> > 4 weeks ago METRON-1683 PCAP UI - Fix the download progress bar > > > > (sardell > > > > >> > via merrimanr) closes apache/metron#1122 > > > > >> > 4 weeks ago METRON-1675 PCAP UI - Introduce the paging > capability > > > > >> (sardell > > > > >> > via merrimanr) closes apache/metron#1121 > > > > >> > 4 weeks ago METRON-1721 New default input path is wrong in pcap > > CLI > > > > >> > (merrimanr) closes apache/metron#1137 > > > > >> > 4 weeks ago Merge branch 'master' into > > > > >> feature/METRON-1554-pcap-query-panel > > > > >> > 4 weeks ago METRON-1676 PCAP UI - Add data range selector to the > > > > filter > > > > >> > bar (tiborm via merrimanr) closes apache/metron#1119 > > > > >> > 5 weeks ago METRON-1662 PCAP UI - Downloading PCAP page files > > > (tiborm > > > > >> via > > > > >> > merrimanr) closes apache/metron#1118 > > > > >> > 5 weeks ago METRON-1700 Create REST endpoint to get job > > > configuration > > > > >> > (merrimanr) closes apache/metron#1135 > > > > >> > 5 weeks ago METRON-1671 Create PCAP UI (tiborm via merrimanr) > > closes > > > > >> > apache/metron#1103 > > > > >> > 5 weeks ago METRON-1701 Update General notes on the installation > > of > > > > >> Pycapa > > > > >> > on Kerberized cluster (MohanDV via nickwallen) closes > > > > apache/metron#1136 > > > > >> > 6 weeks ago METRON-1650 Packaging docker containers are too > large > > > > >> > (jameslamb via merrimanr) closes apache/metron#1091 > > > > >> > 6 weeks ago METRON-1604 : Add RHEL 7 power pc to OS family for > the > > > HCP > > > > >> > management pack repo info closes apache/incubator-metron#1052 > > > > >> > 6 weeks ago Merge branch 'master' into > > > > >> feature/METRON-1554-pcap-query-panel > > > > >> > 6 weeks ago METRON-1687: Upgrade the rat plugin to 0.13-SNAPSHOT > > > > closes > > > > >> > apache/incubator-metron#1126 > > > > >> > 6 weeks ago METRON-1694: Clean up Metron REST docs closes > > > > >> > apache/incubator-metron#1131 > > > > >> > 6 weeks ago METRON-1691: REST should limit the number of Pcap > > jobs a > > > > >> user > > > > >> > can submit (merrimanr via mmiklavc) closes apache/metron#1129 > > > > >> > 6 weeks ago METRON-1693: Fix Pcap CLI local FS finalizer > (mmiklavc > > > via > > > > >> > mmiklavc) closes apache/metron#1130 > > > > >> > 6 weeks ago METRON-1690: Add more context to PcapJob JobStatus > > > > (mmiklavc > > > > >> > via mmiklavc) closes apache/metron#1128 > > > > >> > 6 weeks ago METRON-1661 Create Pcap Query Filter endpoint > > > (merrimanr) > > > > >> > closes apache/metron#1125 > > > > >> > 6 weeks ago METRON-1560 Update MPack to support Pcap panel > > > (merrimanr) > > > > >> > closes apache/metron#1124 > > > > >> > 7 weeks ago METRON-1606 Add a 'wrap' to incoming > > messages > > > in > > > > >> the > > > > >> > metron json parser (ottobackwards) closes apache/metron#1054 > > > > >> > 7 weeks ago METRON-1562 Enable Kerberos in REST for YARN and MR > > jobs > > > > >> > (merrimanr) closes apache/metron#1094 > > > > >> > 7 weeks ago Merge branch 'master' into > > > > >> feature/METRON-1554-pcap-query-panel > > > > >> > 7 weeks ago METRON-1685 Retrieve Pcap results in raw binary > format > > > > >> > (merrimanr) closes apache/metron#1123 > > > > >> > 7 weeks ago METRON-1638 Retrieve Pcap results in pdml format > > > > (merrimanr) > > > > >> > closes apache/metron#1120 > > > > >> > 7 weeks ago METRON-1686 Create stop job endpoint for Pcap > queries > > > > >> > (mmiklavc via merrimanr) closes apache/metron#1115 > > > > >> > 7 weeks ago METRON-1674 Create REST endpoint for job status > > > > abstraction > > > > >> > (merrimanr) closes apache/metron#1109 > > > > >> > 7 weeks ago METRON-1672 Add metron-alerts's UI unit tests > to > > > > travis > > > > >> > build process (justinleet) closes apache/metron#1106 > > > > >> > 7 weeks ago METRON-1614: Create job status abstraction (mmiklavc > > via > > > > >> > mmiklavc) closes apache/metron#1108 > > > > >> > 7 weeks ago METRON-1684 Fix Markdown problems in > 3rdPartyParser.md > > > > >> > (justinleet) closes apache/metron#1110 > > > > >> > 7 weeks ago METRON-1657 Parser aggregation in storm (justinleet) > > > > closes > > > > >> > apache/metron#1099 > > > > >> > 7 weeks ago METRON-1651 Fixing failing protractor e2e test > (tiborm > > > via > > > > >> > merrimanr) closes apache/metron#1095 > > > > >> > 7 weeks ago METRON-1673 Fix Javadoc errors (justinleet) closes > > > > >> > apache/metron#1107 > > > > >> > 7 weeks ago METRON-1620: Fixes for forensic clustering use case > > > > example > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > >> > 7 weeks ago METRON-1659: The platform-info.sh should check for > the > > > > >> vagrant > > > > >> > hostmanager plugin closes apache/incubator-metron#1100 > > > > >> > 7 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > >> > apache/incubator-metron#1101 > > > > >> > 7 weeks ago METRON-1236 Add start/stop/restart commands that > > execute > > > > >> > successfully, when ambari agents run as non-root user closes > > > > >> > apache/incubator-metron#1105 > > > > >> > 7 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is locale > > > sensitive > > > > >> > closes apache/incubator-metron#1104 > > > > >> > 8 weeks ago METRON-1660 On Solr, sorting by threat score fails > > > > >> > (justinleet) closes apache/metron#1102 > > > > >> > 8 weeks ago METRON-1656 Create KAKFA_SEEK function (nickwallen) > > > closes > > > > >> > apache/metron#1097 > > > > >> > 8 weeks ago Resolve merge conflicts with master. > > > > >> > 8 weeks ago METRON-1641: Enable Pcap jobs to be submitted > > > > asynchronously > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1081 > > > > >> > 8 weeks ago METRON-1644: Support parser chaining closes > > > > >> > apache/incubator-metron#1084 > > > > >> > 8 weeks ago METRON-1655 Make REGEXP_MATCH take multiple regexs > in > > > the > > > > >> 2nd > > > > >> > arg (ottobackwards) closes apache/metron#1098 > > > > >> > 9 weeks ago METRON-1643: Create a REGEX_ROUTING field > > transformation > > > > >> > closes apache/incubator-metron#1083 > > > > >> > 9 weeks ago METRON-1652 Document X-Pack Common Problem > > (nickwallen) > > > > >> closes > > > > >> > apache/metron#1092 > > > > >> > 9 weeks ago METRON-1649 Intermittent Test Failure > > > > >> > ProfileBuilderBoltTest#testFlushExpiredProfiles (nickwallen) > > closes > > > > >> > apache/metron#1090 > > > > >> > 9 weeks ago METRON-1635 Alerts UI status update doesn't > > > > immediately > > > > >> > show up (merrimanr) closes apache/metron#1080 > > > > >> > 9 weeks ago METRON-1642: KafkaWriter should be able choose the > > topic > > > > >> from > > > > >> > a field in addition to topology construction time closes > > > > >> > apache/incubator-metron#1082 > > > > >> > 9 weeks ago METRON-1636: Fix broken unit test setup in > > metron-alerts > > > > >> > closes apache/incubator-metron#1085 > > > > >> > 10 weeks ago METRON-1631 Alerts UI: Dash score does not show if > > only > > > > >> > filtering by one group (sardell via merrimanr) closes > > > > apache/metron#1079 > > > > >> > 10 weeks ago METRON-1647 Fix logging level score closes > > > > >> > apache/incubator-metron#1089 > > > > >> > 10 weeks ago METRON-1621: Sorting alerts table by score closes > > > > >> > apache/incubator-metron#1088 > > > > >> > 10 weeks ago METRON-1619: Stellar empty collections should be > > > > considered > > > > >> > false in boolean expressions closes apache/incubator-metron#1064 > > > > >> > 10 weeks ago METRON-1646 Sensor Stubs should work when > kerberized > > > > >> > (nickwallen) closes apache/metron#1087 > > > > >> > 10 weeks ago METRON-1645: Check wether the Solr management pack > is > > > > >> > installed before configuring the solr principal name. closes > > > > >> > apache/incubator-metron#1086 > > > > >> > 2 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 2 months ago METRON-1634 Alerts UI add comment doesn't > > > > immediately > > > > >> > show up. (merrimanr) closes apache/metron#1077 > > > > >> > 2 months ago Merge branch 'master' into > > > > >> > feature/METRON-1554-pcap-query-panel > > > > >> > 2 months ago METRON-1555 Update REST to run YARN and MR jobs > > > > (merrimanr) > > > > >> > closes apache/metron#1019 > > > > >> > 2 months ago METRON-1489 Retrofit UI tests to run reliably > during > > > > >> nightly > > > > >> > QE runs (sardell via nickwallen) closes apache/metron#1004 > > > > >> > 2 months ago METRON-1637 Wrong path to escalate alert REST > > endpoint > > > > >> > (merrimanr) closes apache/metron#1078 > > > > >> > 2 months ago METRON-1624 Set Profiler and Enrichment batch > > > parameters > > > > in > > > > >> > Ambari (nickwallen) closes apache/metron#1069 > > > > >> > 2 months ago Merge remote-tracking branch 'origin/master' into > > > > >> > feature/METRON-1416-upgrade-solr > > > > >> > 2 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > (nickwallen) closes apache/metron#1075 > > > > >> > 2 months ago METRON-1629 Update Solr documentation (merrimanr > via > > > > >> > justinleet) closes apache/metron#1072 > > > > >> > 3 months ago METRON-1633 Incorrect instructions when merging PR > > into > > > > >> > feature branch (nickwallen) closes apache/metron#1074 > > > > >> > 3 months ago METRON-1630 Add threat.triage.score.field to > READMEs > > > > >> > (merrimanr) closes apache/metron#1073 > > > > >> > 3 months ago METRON-1609 Elasticsearch settings in Ambari should > > not > > > > be > > > > >> > required if Solr is the indexer (nickwallen) closes > > > apache/metron#1056 > > > > >> > 3 months ago METRON-1627 Alerts UI: Metaalert details missing in > > > > details > > > > >> > panel when trying to add alert to existing metaalert (sardell > via > > > > >> > justinleet) closes apache/metron#1070 > > > > >> > 3 months ago METRON-1625 Merge master into Solr feature branch > > > > >> (merrimanr) > > > > >> > closes apache/metron#1067 > > > > >> > 3 months ago METRON-1626 Alerts UI: An empty result is returned > > when > > > > >> > searching for a single alert contained in a metaalert (sardell > via > > > > >> > nickwallen) closes apache/metron#1068 > > > > >> > 3 months ago METRON-1611 Increment master version number to > 0.5.1 > > > for > > > > >> > on-going development (justinleet) closes apache/metron#1057 > > > > >> > 3 months ago METRON-1622 Allow user to define global property > > > > >> > 'threat.triage.score.field' in Ambari (nickwallen) closes > > > > >> apache/metron#1066 > > > > >> > 3 months ago METRON-1599 Allow user to define global property > > > > >> > 'source.type.field' in Ambari (nickwallen) closes > > apache/metron#1047 > > > > >> > 3 months ago METRON-1616 Changing alert status fails if no > > > metaalerts > > > > >> have > > > > >> > been created yet (merrimanr) closes apache/metron#1061 > > > > >> > 3 months ago METRON-1573 Enhance KAFKA_* functions to return > > > partition > > > > >> and > > > > >> > offset details (nickwallen) closes apache/metron#1030 > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago METRON-1617: Make threat triage score function with > > > dots > > > > as > > > > >> > well as colons closes apache/incubator-metron#1062 > > > > >> > 3 months ago METRON-1613 Metaalerts status update broken in > Alerts > > > UI > > > > >> > (merrimanr) closes apache/metron#1059 > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago METRON-1588 Migrate storm-kafka-client to 1.2.1 > > closes > > > > >> > apache/incubator-metron#1039 > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago Merge branch 'feature/METRON-1416-upgrade-solr' of > > > > >> > https://git-wip-us.apache.org/repos/asf/metron into > > > > >> > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 3 months ago METRON-1587 Make collection utility work for HDP > > search > > > > >> > (merrimanr) closes apache/metron#1043 > > > > >> > 3 months ago METRON-1612 Fix website download links (justinleet) > > > > closes > > > > >> > apache/metron#1058 > > > > >> > 3 months ago METRON-1608 Add configuration for > threat.triage.field > > > > name > > > > >> > (merrimanr) closes apache/metron#1055 > > > > >> > 3 months ago METRON-1585 SolrRetrieveLatestDao does not use the > > > > >> collection > > > > >> > lookup (justinleet via merrimanr) closes apache/metron#1050 > > > > >> > 3 months ago METRON-1533 Create KAFKA_FIND Stellar Function > > > > (nickwallen) > > > > >> > closes apache/metron#1025 > > > > >> > 3 months ago METRON-1601: Rename metaalert alert nested field to > > > > >> > metron_alert to avoid collision closes > > apache/incubator-metron#1049 > > > > >> > 3 months ago METRON-1572 Enhance KAFKA_PUT function (nickwallen) > > > > closes > > > > >> > apache/metron#1024 > > > > >> > 3 months ago METRON-1607 update public web site to point at > 0.5.0 > > > new > > > > >> > release (justinleet) closes apache/metron#1053 > > > > >> > 3 months ago METRON-1568: Stellar should have a _ special > variable > > > > which > > > > >> > returns the message in map form closes > > apache/incubator-metron#1021 > > > > >> > 3 months ago METRON-1594: KafkaWriter is asynchronous and may > lose > > > > data > > > > >> on > > > > >> > node failure (mmiklavc via mmiklavc) closes apache/metron#1045 > > > > >> > 3 months ago METRON-1603: Fix multivalue field errors in Bro > Solr > > > > schema > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > >> > 3 months ago METRON-1584 Indexing Topology Crashes with Invalid > > > > Message > > > > >> > (nickwallen) closes apache/metron#1036 > > > > >> > 3 months ago METRON-1547 Solr Comment Fields (justinleet) closes > > > > >> > apache/metron#1037 > > > > >> > 3 months ago METRON-1553 Validate JIRA Script Error (nickwallen) > > > > closes > > > > >> > apache/metron#1013 > > > > >> > 3 months ago METRON-1592 Unable to use third party parser with > > Storm > > > > >> > versions >= 1.1.0 (nickwallen) closes apache/metron#1042 > > > > >> > 3 months ago METRON-1598 NoClassDefFoundError when running with > > > > >> > Elasticsearch X-Pack (nickwallen) closes apache/metron#1048 > > > > >> > 3 months ago METRON-1589 '/api/v1/search/search' fails when > 'Solr > > > > >> > Zookeeper Urls' has comma separated multiple zookeeper urls > > > > (justinleet) > > > > >> > closes apache/metron#1040 > > > > >> > 3 months ago METRON-1593 Setting Metron rest additional > classpath > > > > >> removes > > > > >> > HBase and Hadoop configs from classpath (merrimanr) closes > > > > >> > apache/metron#1044 > > > > >> > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek to End Logic > > > > >> (nickwallen) > > > > >> > closes apache/metron#1023 > > > > >> > 3 months ago METRON-1579: Stellar should return the expression > > that > > > > >> failed > > > > >> > in the exception closes apache/incubator-metron#1033 > > > > >> > 3 months ago METRON-1586 Defaulting for the source type field in > > > > alerts > > > > >> UI > > > > >> > does not work (merrimanr via justinleet) closes > apache/metron#1038 > > > > >> > 3 months ago METRON-1569: Allow user to change field name > > conversion > > > > >> when > > > > >> > indexing to Elasticsearch (nickwallen via mmiklavc) closes > > > > >> > apache/metron#1022 > > > > >> > 3 months ago METRON-1544 Flaky test: > > > > >> > > > > > > > org.apache.metron.stellar.common.CachingStellarProcessorTest#testCaching > > > > >> > (nickwallen) closes apache/metron#1015 > > > > >> > 3 months ago METRON-1580 Release candidate check script requires > > Bro > > > > >> > Plugin (nickwallen via ottobackwards) closes apache/metron#1034 > > > > >> > 3 months ago METRON-1532 Getting started documentation > > improvements > > > > >> > (sardell via nickwallen) closes apache/metron#1001 > > > > >> > 3 months ago METRON-1577 Solr searches don't include the > > index > > > of > > > > >> the > > > > >> > result (merrimanr) closes apache/metron#1031 > > > > >> > 3 months ago METRON-1421 Create a SolrMetaAlertDao (justinleet) > > > closes > > > > >> > apache/metron#970 > > > > >> > 4 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 4 months ago METRON-1567 Large error message can't be > written > > > in > > > > >> Solr > > > > >> > (justinleet) closes apache/metron#1020 > > > > >> > 4 months ago METRON-1540 Solr Integration tests should use > actual > > > > >> schemas > > > > >> > (justinleet) closes apache/metron#1005 > > > > >> > 4 months ago Merge remote-tracking branch 'origin/master' into > > > > >> > feature/METRON-1416-upgrade-solr > > > > >> > 4 months ago METRON-1526 Location field types cause > DocValuesField > > > > >> appear > > > > >> > more than once error (merrimanr via justinleet) closes > > > > apache/metron#995 > > > > >> > 5 months ago METRON-1503 Alerts are not getting populated in > > alerts > > > UI > > > > >> > when search engine is Solr (merrimanr) closes apache/metron#975 > > > > >> > 6 months ago METRON-1424 Kerberos: Solr (merrimanr) closes > > > > >> > apache/metron#960 > > > > >> > 6 months ago METRON-1482 Update REST to work with Solr > (merrimanr) > > > > >> closes > > > > >> > apache/metron#957 > > > > >> > 6 months ago METRON-1464 Convert schemas to be compatible with > > Solr > > > > >> 5.5.2 > > > > >> > (merrimanr) closes apache/metron#945 > > > > >> > 6 months ago METRON-1423 Ambari work to handle Solr > configuration > > > > >> > (merrimanr) closes apache/metron#934 > > > > >> > 6 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 7 months ago METRON-1448: Update SolrWriter to conform to new > > > > collection > > > > >> > strategy this closes apache/incubator-metron#929 > > > > >> > 7 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 7 months ago Merge branch 'master' into > > > > feature/METRON-1416-upgrade-solr > > > > >> > 7 months ago METRON-1441: Create complementary Solr schemas for > > the > > > > main > > > > >> > sensors this closes apache/metron#922 > > > > >> > 7 months ago METRON-1436: Manually Install Solr Cloud in Full > Dev > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#918 > > > > >> > 7 months ago METRON-1419: Create a SolrDao this closes > > > > >> > apache/incubator-metron#911 > > > > >> > > > > > >> > > > > > >> > On Wed, Aug 15, 2018 at 2:15 PM Michael Miklavcic < > > > > >> > michael.miklav...@gmail.com> wrote: > > > > >> > > > > > >> >> +1 here as well to the proposed releases. > > > > >> >> > > > > >> >> On Wed, Aug 15, 2018 at 11:06 AM Casey Stella < > > ceste...@gmail.com> > > > > >> wrote: > > > > >> >> > > > > >> >> > +1 to both releases, this is plenty for an 0.6.0 and a 0.2.0 > > > > >> >> > > > > > >> >> > On Wed, Aug 15, 2018 at 11:04 AM Justin Leet < > > > > justinjl...@gmail.com> > > > > >> >> > wrote: > > > > >> >> > > > > > >> >> > > I just sent a thread about release cadence. Jon, I'd > > recommend > > > > >> >> starting a > > > > >> >> > > thread on a 1.0 roadmap. I thought about merging the > > threads, > > > > but > > > > >> I > > > > >> >> > think > > > > >> >> > > that's just going to result in more crosstalk, so I'll let > > you > > > > >> start > > > > >> >> that > > > > >> >> > > conversation. > > > > >> >> > > > > > > >> >> > > On Wed, Aug 15, 2018 at 10:37 AM Nick Allen < > > > n...@nickallen.org> > > > > >> >> wrote: > > > > >> >> > > > > > > >> >> > > > +1 to a 0.6.0 release that includes the Pcap Panel and > Solr > > > > work. > > > > >> >> > > > > > > > >> >> > > > +1 to doing a 0.2.0 release for > metron-bro-plugin-kafka. I > > > > >> *think* > > > > >> >> we > > > > >> >> > > need > > > > >> >> > > > to do the plugin release first, so that the 0.6.0 Metron > > > > release > > > > >> >> will > > > > >> >> > > point > > > > >> >> > > > to plugin 0.2.0. > > > > >> >> > > > > > > > >> >> > > > FWIW, here are the changes since the last release. > > > > >> >> > > > > > > > >> >> > > > 6 days ago METRON-1730: Update steps to run pycapa on > > Centos > > > 6 > > > > >> >> > (mmiklavc > > > > >> >> > > > via mmiklavc) closes apache/metron#1152 > > > > >> >> > > > 2 weeks ago METRON-1701 Update General notes on the > > > > installation > > > > >> of > > > > >> >> > > Pycapa > > > > >> >> > > > on Kerberized cluster (MohanDV via nickwallen) closes > > > > >> >> > apache/metron#1136 > > > > >> >> > > > 3 weeks ago METRON-1650 Packaging docker containers are > too > > > > large > > > > >> >> > > > (jameslamb via merrimanr) closes apache/metron#1091 > > > > >> >> > > > 3 weeks ago METRON-1604 : Add RHEL 7 power pc to OS > family > > > for > > > > >> the > > > > >> >> HCP > > > > >> >> > > > management pack repo info closes > > apache/incubator-metron#1052 > > > > >> >> > > > 3 weeks ago METRON-1687: Upgrade the rat plugin to > > > > 0.13-SNAPSHOT > > > > >> >> closes > > > > >> >> > > > apache/incubator-metron#1126 > > > > >> >> > > > 3 weeks ago METRON-1694: Clean up Metron REST docs closes > > > > >> >> > > > apache/incubator-metron#1131 > > > > >> >> > > > 4 weeks ago METRON-1606 Add a 'wrap' to > incoming > > > > >> messages > > > > >> >> in > > > > >> >> > > the > > > > >> >> > > > metron json parser (ottobackwards) closes > > apache/metron#1054 > > > > >> >> > > > 4 weeks ago METRON-1672 Add metron-alerts's UI unit > > > tests > > > > to > > > > >> >> > travis > > > > >> >> > > > build process (justinleet) closes apache/metron#1106 > > > > >> >> > > > 4 weeks ago METRON-1684 Fix Markdown problems in > > > > >> 3rdPartyParser.md > > > > >> >> > > > (justinleet) closes apache/metron#1110 > > > > >> >> > > > 4 weeks ago METRON-1657 Parser aggregation in storm > > > > (justinleet) > > > > >> >> closes > > > > >> >> > > > apache/metron#1099 > > > > >> >> > > > 4 weeks ago METRON-1651 Fixing failing protractor e2e > test > > > > >> (tiborm > > > > >> >> via > > > > >> >> > > > merrimanr) closes apache/metron#1095 > > > > >> >> > > > 4 weeks ago METRON-1673 Fix Javadoc errors (justinleet) > > > closes > > > > >> >> > > > apache/metron#1107 > > > > >> >> > > > 4 weeks ago METRON-1620: Fixes for forensic clustering > use > > > case > > > > >> >> example > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > >> >> > > > 4 weeks ago METRON-1659: The platform-info.sh should > check > > > for > > > > >> the > > > > >> >> > > vagrant > > > > >> >> > > > hostmanager plugin closes apache/incubator-metron#1100 > > > > >> >> > > > 4 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > >> >> > > > apache/incubator-metron#1101 > > > > >> >> > > > 4 weeks ago METRON-1236 Add start/stop/restart commands > > that > > > > >> execute > > > > >> >> > > > successfully, when ambari agents run as non-root user > > closes > > > > >> >> > > > apache/incubator-metron#1105 > > > > >> >> > > > 4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is > > locale > > > > >> >> sensitive > > > > >> >> > > > closes apache/incubator-metron#1104 > > > > >> >> > > > 5 weeks ago METRON-1660 On Solr, sorting by threat score > > > fails > > > > >> >> > > (justinleet) > > > > >> >> > > > closes apache/metron#1102 > > > > >> >> > > > 5 weeks ago METRON-1656 Create KAKFA_SEEK function > > > (nickwallen) > > > > >> >> closes > > > > >> >> > > > apache/metron#1097 > > > > >> >> > > > 5 weeks ago METRON-1644: Support parser chaining closes > > > > >> >> > > > apache/incubator-metron#1084 > > > > >> >> > > > 5 weeks ago METRON-1655 Make REGEXP_MATCH take multiple > > > regexs > > > > in > > > > >> >> the > > > > >> >> > 2nd > > > > >> >> > > > arg (ottobackwards) closes apache/metron#1098 > > > > >> >> > > > 6 weeks ago METRON-1643: Create a REGEX_ROUTING field > > > > >> transformation > > > > >> >> > > closes > > > > >> >> > > > apache/incubator-metron#1083 > > > > >> >> > > > 6 weeks ago METRON-1652 Document X-Pack Common Problem > > > > >> (nickwallen) > > > > >> >> > > closes > > > > >> >> > > > apache/metron#1092 > > > > >> >> > > > 6 weeks ago METRON-1649 Intermittent Test Failure > > > > >> >> > > > ProfileBuilderBoltTest#testFlushExpiredProfiles > > > > >> >> > > > (nickwallen) closes apache/metron#1090 > > > > >> >> > > > 6 weeks ago METRON-1635 Alerts UI status update > > doesn't > > > > >> >> > immediately > > > > >> >> > > > show up (merrimanr) closes apache/metron#1080 > > > > >> >> > > > 6 weeks ago METRON-1642: KafkaWriter should be able > choose > > > the > > > > >> topic > > > > >> >> > > from a > > > > >> >> > > > field in addition to topology construction time closes > > > > >> >> > > > apache/incubator-metron#1082 > > > > >> >> > > > 6 weeks ago METRON-1636: Fix broken unit test setup in > > > > >> metron-alerts > > > > >> >> > > closes > > > > >> >> > > > apache/incubator-metron#1085 > > > > >> >> > > > 7 weeks ago METRON-1631 Alerts UI: Dash score does not > show > > > if > > > > >> only > > > > >> >> > > > filtering by one group (sardell via merrimanr) closes > > > > >> >> > apache/metron#1079 > > > > >> >> > > > 7 weeks ago METRON-1647 Fix logging level score closes > > > > >> >> > > > apache/incubator-metron#1089 > > > > >> >> > > > 7 weeks ago METRON-1621: Sorting alerts table by score > > closes > > > > >> >> > > > apache/incubator-metron#1088 > > > > >> >> > > > 7 weeks ago METRON-1619: Stellar empty collections should > > be > > > > >> >> considered > > > > >> >> > > > false in boolean expressions closes > > > > apache/incubator-metron#1064 > > > > >> >> > > > 7 weeks ago METRON-1646 Sensor Stubs should work when > > > > kerberized > > > > >> >> > > > (nickwallen) closes apache/metron#1087 > > > > >> >> > > > 7 weeks ago METRON-1645: Check wether the Solr management > > > pack > > > > is > > > > >> >> > > installed > > > > >> >> > > > before configuring the solr principal name. closes > > > > >> >> > > > apache/incubator-metron#1086 > > > > >> >> > > > 7 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 7 weeks ago METRON-1634 Alerts UI add comment > doesn't > > > > >> >> immediately > > > > >> >> > > show > > > > >> >> > > > up. (merrimanr) closes apache/metron#1077 > > > > >> >> > > > 7 weeks ago METRON-1489 Retrofit UI tests to run reliably > > > > during > > > > >> >> > nightly > > > > >> >> > > QE > > > > >> >> > > > runs (sardell via nickwallen) closes apache/metron#1004 > > > > >> >> > > > 7 weeks ago METRON-1637 Wrong path to escalate alert REST > > > > >> endpoint > > > > >> >> > > > (merrimanr) closes apache/metron#1078 > > > > >> >> > > > 8 weeks ago METRON-1624 Set Profiler and Enrichment batch > > > > >> >> parameters in > > > > >> >> > > > Ambari (nickwallen) closes apache/metron#1069 > > > > >> >> > > > 8 weeks ago Merge remote-tracking branch 'origin/master' > > into > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 8 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > (nickwallen) closes apache/metron#1075 > > > > >> >> > > > 8 weeks ago METRON-1629 Update Solr documentation > > (merrimanr > > > > via > > > > >> >> > > > justinleet) closes apache/metron#1072 > > > > >> >> > > > 8 weeks ago METRON-1633 Incorrect instructions when > merging > > > PR > > > > >> into > > > > >> >> > > feature > > > > >> >> > > > branch (nickwallen) closes apache/metron#1074 > > > > >> >> > > > 8 weeks ago METRON-1630 Add threat.triage.score.field to > > > > READMEs > > > > >> >> > > > (merrimanr) closes apache/metron#1073 > > > > >> >> > > > 8 weeks ago METRON-1609 Elasticsearch settings in Ambari > > > should > > > > >> not > > > > >> >> be > > > > >> >> > > > required if Solr is the indexer (nickwallen) closes > > > > >> >> apache/metron#1056 > > > > >> >> > > > 8 weeks ago METRON-1627 Alerts UI: Metaalert details > > missing > > > in > > > > >> >> details > > > > >> >> > > > panel when trying to add alert to existing metaalert > > (sardell > > > > via > > > > >> >> > > > justinleet) closes apache/metron#1070 > > > > >> >> > > > 8 weeks ago METRON-1625 Merge master into Solr feature > > branch > > > > >> >> > (merrimanr) > > > > >> >> > > > closes apache/metron#1067 > > > > >> >> > > > 8 weeks ago METRON-1626 Alerts UI: An empty result is > > > returned > > > > >> when > > > > >> >> > > > searching for a single alert contained in a metaalert > > > (sardell > > > > >> via > > > > >> >> > > > nickwallen) closes apache/metron#1068 > > > > >> >> > > > 8 weeks ago METRON-1611 Increment master version number > to > > > > 0.5.1 > > > > >> for > > > > >> >> > > > on-going development (justinleet) closes > apache/metron#1057 > > > > >> >> > > > 8 weeks ago METRON-1622 Allow user to define global > > property > > > > >> >> > > > 'threat.triage.score.field' in Ambari (nickwallen) closes > > > > >> >> > > > apache/metron#1066 > > > > >> >> > > > 8 weeks ago METRON-1599 Allow user to define global > > property > > > > >> >> > > > 'source.type.field' in Ambari (nickwallen) closes > > > > >> apache/metron#1047 > > > > >> >> > > > 8 weeks ago METRON-1616 Changing alert status fails if no > > > > >> metaalerts > > > > >> >> > have > > > > >> >> > > > been created yet (merrimanr) closes apache/metron#1061 > > > > >> >> > > > 8 weeks ago METRON-1573 Enhance KAFKA_* functions to > return > > > > >> >> partition > > > > >> >> > and > > > > >> >> > > > offset details (nickwallen) closes apache/metron#1030 > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago METRON-1617: Make threat triage score > function > > > with > > > > >> >> dots as > > > > >> >> > > > well as colons closes apache/incubator-metron#1062 > > > > >> >> > > > 9 weeks ago METRON-1613 Metaalerts status update broken > in > > > > >> Alerts UI > > > > >> >> > > > (merrimanr) closes apache/metron#1059 > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago METRON-1588 Migrate storm-kafka-client to > 1.2.1 > > > > >> closes > > > > >> >> > > > apache/incubator-metron#1039 > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago Merge branch > 'feature/METRON-1416-upgrade-solr' > > > of > > > > >> >> > > > https://git-wip-us.apache.org/repos/asf/metron into > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > >> >> feature/METRON-1416-upgrade-solr > > > > >> >> > > > 9 weeks ago METRON-1587 Make collection utility work for > > HDP > > > > >> search > > > > >> >> > > > (merrimanr) closes apache/metron#1043 > > > > >> >> > > > 9 weeks ago METRON-1612 Fix website download links > > > (justinleet) > > > > >> >> closes > > > > >> >> > > > apache/metron#1058 > > > > >> >> > > > 9 weeks ago METRON-1608 Add configuration for > > > > threat.triage.field > > > > >> >> name > > > > >> >> > > > (merrimanr) closes apache/metron#1055 > > > > >> >> > > > 10 weeks ago METRON-1585 SolrRetrieveLatestDao does not > use > > > the > > > > >> >> > > collection > > > > >> >> > > > lookup (justinleet via merrimanr) closes > apache/metron#1050 > > > > >> >> > > > 10 weeks ago METRON-1533 Create KAFKA_FIND Stellar > Function > > > > >> >> > (nickwallen) > > > > >> >> > > > closes apache/metron#1025 > > > > >> >> > > > 10 weeks ago METRON-1601: Rename metaalert alert nested > > field > > > > to > > > > >> >> > > > metron_alert to avoid collision closes > > > > >> apache/incubator-metron#1049 > > > > >> >> > > > 10 weeks ago METRON-1572 Enhance KAFKA_PUT function > > > > (nickwallen) > > > > >> >> closes > > > > >> >> > > > apache/metron#1024 > > > > >> >> > > > 10 weeks ago METRON-1607 update public web site to point > at > > > > 0.5.0 > > > > >> >> new > > > > >> >> > > > release (justinleet) closes apache/metron#1053 > > > > >> >> > > > 10 weeks ago METRON-1568: Stellar should have a _ special > > > > >> variable > > > > >> >> > which > > > > >> >> > > > returns the message in map form closes > > > > >> apache/incubator-metron#1021 > > > > >> >> > > > 2 months ago METRON-1594: KafkaWriter is asynchronous and > > may > > > > >> lose > > > > >> >> data > > > > >> >> > > on > > > > >> >> > > > node failure (mmiklavc via mmiklavc) closes > > > apache/metron#1045 > > > > >> >> > > > 2 months ago METRON-1603: Fix multivalue field errors in > > Bro > > > > Solr > > > > >> >> > schema > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > >> >> > > > 2 months ago METRON-1584 Indexing Topology Crashes with > > > Invalid > > > > >> >> Message > > > > >> >> > > > (nickwallen) closes apache/metron#1036 > > > > >> >> > > > 2 months ago METRON-1547 Solr Comment Fields (justinleet) > > > > closes > > > > >> >> > > > apache/metron#1037 > > > > >> >> > > > 2 months ago METRON-1553 Validate JIRA Script Error > > > > (nickwallen) > > > > >> >> closes > > > > >> >> > > > apache/metron#1013 > > > > >> >> > > > 2 months ago METRON-1592 Unable to use third party parser > > > with > > > > >> Storm > > > > >> >> > > > versions >= 1.1.0 (nickwallen) closes apache/metron#1042 > > > > >> >> > > > 2 months ago METRON-1598 NoClassDefFoundError when > running > > > with > > > > >> >> > > > Elasticsearch X-Pack (nickwallen) closes > apache/metron#1048 > > > > >> >> > > > 2 months ago METRON-1589 '/api/v1/search/search' fails > when > > > > 'Solr > > > > >> >> > > Zookeeper > > > > >> >> > > > Urls' has comma separated multiple zookeeper urls > > > (justinleet) > > > > >> >> closes > > > > >> >> > > > apache/metron#1040 > > > > >> >> > > > 2 months ago METRON-1593 Setting Metron rest additional > > > > classpath > > > > >> >> > removes > > > > >> >> > > > HBase and Hadoop configs from classpath (merrimanr) > closes > > > > >> >> > > > apache/metron#1044 > > > > >> >> > > > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek to End > > Logic > > > > >> >> > > (nickwallen) > > > > >> >> > > > closes apache/metron#1023 > > > > >> >> > > > 3 months ago METRON-1579: Stellar should return the > > > expression > > > > >> that > > > > >> >> > > failed > > > > >> >> > > > in the exception closes apache/incubator-metron#1033 > > > > >> >> > > > 3 months ago METRON-1586 Defaulting for the source type > > field > > > > in > > > > >> >> alerts > > > > >> >> > > UI > > > > >> >> > > > does not work (merrimanr via justinleet) closes > > > > >> apache/metron#1038 > > > > >> >> > > > 3 months ago METRON-1569: Allow user to change field name > > > > >> conversion > > > > >> >> > when > > > > >> >> > > > indexing to Elasticsearch (nickwallen via mmiklavc) > closes > > > > >> >> > > > apache/metron#1022 > > > > >> >> > > > 3 months ago METRON-1544 Flaky test: > > > > >> >> org.apache.metron.stellar.common. > > > > >> >> > > > CachingStellarProcessorTest#testCaching (nickwallen) > closes > > > > >> >> > > > apache/metron#1015 > > > > >> >> > > > 3 months ago METRON-1580 Release candidate check script > > > > requires > > > > >> Bro > > > > >> >> > > Plugin > > > > >> >> > > > (nickwallen via ottobackwards) closes apache/metron#1034 > > > > >> >> > > > 3 months ago METRON-1532 Getting started documentation > > > > >> improvements > > > > >> >> > > > (sardell via nickwallen) closes apache/metron#1001 > > > > >> >> > > > 3 months ago METRON-1577 Solr searches don't include > > the > > > > >> index > > > > >> >> of > > > > >> >> > > the > > > > >> >> > > > result (merrimanr) closes apache/metron#1031 > > > > >> >> > > > 3 months ago METRON-1421 Create a SolrMetaAlertDao > > > (justinleet) > > > > >> >> closes > > > > >> >> > > > apache/metron#970 > > > > >> >> > > > 3 months ago Merge branch 'master' into > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 3 months ago METRON-1567 Large error message can't > be > > > > >> written > > > > >> >> in > > > > >> >> > > Solr > > > > >> >> > > > (justinleet) closes apache/metron#1020 > > > > >> >> > > > 4 months ago METRON-1540 Solr Integration tests should > use > > > > actual > > > > >> >> > schemas > > > > >> >> > > > (justinleet) closes apache/metron#1005 > > > > >> >> > > > 4 months ago Merge remote-tracking branch 'origin/master' > > > into > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 4 months ago METRON-1526 Location field types cause > > > > >> DocValuesField > > > > >> >> > appear > > > > >> >> > > > more than once error (merrimanr via justinleet) closes > > > > >> >> > apache/metron#995 > > > > >> >> > > > 4 months ago METRON-1503 Alerts are not getting populated > > in > > > > >> alerts > > > > >> >> UI > > > > >> >> > > when > > > > >> >> > > > search engine is Solr (merrimanr) closes > apache/metron#975 > > > > >> >> > > > 5 months ago METRON-1424 Kerberos: Solr (merrimanr) > closes > > > > >> >> > > > apache/metron#960 > > > > >> >> > > > 5 months ago METRON-1482 Update REST to work with Solr > > > > >> (merrimanr) > > > > >> >> > closes > > > > >> >> > > > apache/metron#957 > > > > >> >> > > > 5 months ago METRON-1464 Convert schemas to be compatible > > > with > > > > >> Solr > > > > >> >> > 5.5.2 > > > > >> >> > > > (merrimanr) closes apache/metron#945 > > > > >> >> > > > 6 months ago METRON-1423 Ambari work to handle Solr > > > > configuration > > > > >> >> > > > (merrimanr) closes apache/metron#934 > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 6 months ago METRON-1448: Update SolrWriter to conform to > > new > > > > >> >> > collection > > > > >> >> > > > strategy this closes apache/incubator-metron#929 > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > >> >> > > > 6 months ago METRON-1441: Create complementary Solr > schemas > > > for > > > > >> the > > > > >> >> > main > > > > >> >> > > > sensors this closes apache/metron#922 > > > > >> >> > > > 6 months ago METRON-1436: Manually Install Solr Cloud in > > Full > > > > Dev > > > > >> >> > > (mmiklavc > > > > >> >> > > > via mmiklavc) closes apache/metron#918 > > > > >> >> > > > 7 months ago METRON-1419: Create a SolrDao this closes > > > > >> >> > > > apache/incubator-metron#911 > > > > >> >> > > > > > > > >> >> > > > > > > > >> >> > > > > > > > >> >> > > > On Wed, Aug 15, 2018 at 9:48 AM, zeo...@gmail.com < > > > > >> zeo...@gmail.com > > > > >> >> > > > > > >> >> > > > wrote: > > > > >> >> > > > > > > > >> >> > > > > I agree - I would love to see a release not long after > > the > > > > >> PCAP FB > > > > >> >> > gets > > > > >> >> > > > > into master, and 0.6.0 makes sense to me. > > > > >> >> > > > > > > > > >> >> > > > > I'd also like to see a 0.2 release of > > > > metron-bro-plugin-kafka. > > > > >> >> There > > > > >> >> > > is > > > > >> >> > > > > one new commit, and I have a PR open which is waiting > on > > > some > > > > >> >> tests > > > > >> >> > > > before > > > > >> >> > > > > it's ready to be evaluated/merged. I will try to get > > that > > > > work > > > > >> >> done > > > > >> >> > > > asap. > > > > >> >> > > > > As of right now metron's dev ansible scripts pin to a > > > > specific > > > > >> >> > release > > > > >> >> > > of > > > > >> >> > > > > metron-bro-plugin-kafka (0.1 > > > > >> >> > > > > <0.1 > https://github.com/apache/metron/blob/master/metron- > > > > >> >> > > > > deployment/ansible/roles/bro/vars/main.yml>), > > > > >> >> > > > > and I'm fine leaving that as is until after the coming > > > > release, > > > > >> >> but > > > > >> >> > we > > > > >> >> > > > > could also do a metron-bro-plugin-kafka release first > and > > > > then > > > > >> >> update > > > > >> >> > > > > metron to point the dev environment to the new package > > > prior > > > > to > > > > >> >> the > > > > >> >> > > > > upcoming RC. > > > > >> >> > > > > > > > > >> >> > > > > I would also like to discuss what the roadmap looks > like > > > for > > > > a > > > > >> 1.0 > > > > >> >> > > > release > > > > >> >> > > > > and perhaps a more regular release schedule. I have > some > > > > >> thoughts > > > > >> >> > but > > > > >> >> > > > > don't want to hijack this thread. > > > > >> >> > > > > > > > > >> >> > > > > Jon > > > > >> >> > > > > > > > > >> >> > > > > On Wed, Aug 15, 2018 at 9:11 AM Justin Leet < > > > > >> >> justinjl...@gmail.com> > > > > >> >> > > > wrote: > > > > >> >> > > > > > > > > >> >> > > > > > Hi all, > > > > >> >> > > > > > > > > > >> >> > > > > > It's been a little while since the last release, and > a > > > > couple > > > > >> >> major > > > > >> >> > > > items > > > > >> >> > > > > > have gone in since then (or are hopefully close to > > going > > > > >> in!). > > > > >> >> In > > > > >> >> > > > > > particular, I'd personally like to see a release with > > our > > > > >> Solr > > > > >> >> work > > > > >> >> > > > > > <https://issues.apache.org/jira/browse/METRON-1416> > > and > > > > the > > > > >> >> > > > > > close-to-completion PCAP Query Panel > > > > >> >> > > > > > <https://issues.apache.org/jira/browse/METRON-1554>. > > > > There > > > > >> is > > > > >> >> a > > > > >> >> > > > thread > > > > >> >> > > > > > < > > > > >> >> > > > > > > > > > >> >> > > > > > https://lists.apache.org/thread.html/94ebc9be23f6f2ec8c53f8f6b71e97 > > > > >> >> > > > > d6919baf415caf534e2b25ba9b@%3Cdev.metron.apache.org%3E > > > > >> >> > > > > > > > > > > >> >> > > > > > around what's left before merging the PCAP feature > > > branch, > > > > I > > > > >> >> > > encourage > > > > >> >> > > > > you > > > > >> >> > > > > > to take a look. There are also some nice-to-haves as > > well > > > > as > > > > >> >> some > > > > >> >> > > > Apache > > > > >> >> > > > > > cleanup around the RAT tool and typescript files > > > > >> >> > > > > > <https://github.com/apache/metron/pull/1126>. > > > > >> >> > > > > > > > > > >> >> > > > > > Version Number > > > > >> >> > > > > > I'm proposing bumping to 0.6.0, in particular because > > of > > > > the > > > > >> >> Solr > > > > >> >> > and > > > > >> >> > > > > PCAP > > > > >> >> > > > > > efforts. We can adjust that as necessary. > > > > >> >> > > > > > > > > > >> >> > > > > > I'm proposing we release this from the Metron master > > > > branch, > > > > >> >> plus > > > > >> >> > any > > > > >> >> > > > > > commits the community considers necessary. Note that > > I'm > > > > >> >> proposing > > > > >> >> > > > that > > > > >> >> > > > > > this release occur after the PCAP feature branch is > > > merged > > > > >> into > > > > >> >> > > master. > > > > >> >> > > > > > > > > > >> >> > > > > > Proposed Timeframe > > > > >> >> > > > > > I would tentatively like to start work on the RC > > > Wednesday, > > > > >> >> > September > > > > >> >> > > > > 5th. > > > > >> >> > > > > > It's a little further out than usual, but I wanted to > > > kick > > > > >> off > > > > >> >> the > > > > >> >> > > > > > discussion before Labor Day and to give ongoing time > > to > > > > >> settle. > > > > >> >> > And > > > > >> >> > > > also > > > > >> >> > > > > > because I'll be unavailable around Labor Day. > > > > >> >> > > > > > > > > > >> >> > > > > > JIRA Status > > > > >> >> > > > > > There are 31 open PRs at > > > > >> https://github.com/apache/metron/pulls > > > > >> >> . > > > > >> >> > We > > > > >> >> > > > > should > > > > >> >> > > > > > work on getting anything we feel merits inclusion > > closed > > > > out. > > > > >> >> > Please > > > > >> >> > > > > > respond with any tickets we'd like included. > > > > >> >> > > > > > > > > > >> >> > > > > > A couple of these are for the PCAP feature branch, > and > > > > there > > > > >> >> will > > > > >> >> > be > > > > >> >> > > at > > > > >> >> > > > > > least one more for documentation. > > > > >> >> > > > > > > > > > >> >> > > > > > There will be updates necessary to get our Jira up to > > > date. > > > > >> >> I'll > > > > >> >> > > > follow > > > > >> >> > > > > up > > > > >> >> > > > > > on that, and ask that everyone double check their > > > tickets. > > > > >> >> > > > > > > > > > >> >> > > > > > There have been 106 commits since the 0.5.0 release > > > (listed > > > > >> at > > > > >> >> the > > > > >> >> > > end > > > > >> >> > > > of > > > > >> >> > > > > > message). There will be a few more when we pull in > the > > > PCAP > > > > >> >> feature > > > > >> >> > > > > branch. > > > > >> >> > > > > > > > > > >> >> > > > > > Completed PRs as of Aug 15 as generated by git log > > > > >> --pretty="%cr > > > > >> >> > %s" > > > > >> >> > > > > > tags/apache-metron-0.5.0-release..HEAD. > > > > >> >> > > > > > > > > > >> >> > > > > > 5 days ago METRON-1730: Update steps to run pycapa on > > > > Centos > > > > >> 6 > > > > >> >> > > > (mmiklavc > > > > >> >> > > > > > via mmiklavc) closes apache/metron#1152 > > > > >> >> > > > > > 13 days ago METRON-1701 Update General notes on the > > > > >> >> installation of > > > > >> >> > > > > Pycapa > > > > >> >> > > > > > on Kerberized cluster (MohanDV via nickwallen) closes > > > > >> >> > > > apache/metron#1136 > > > > >> >> > > > > > 3 weeks ago METRON-1650 Packaging docker containers > are > > > too > > > > >> >> large > > > > >> >> > > > > > (jameslamb via merrimanr) closes apache/metron#1091 > > > > >> >> > > > > > 3 weeks ago METRON-1604 : Add RHEL 7 power pc to OS > > > family > > > > >> for > > > > >> >> the > > > > >> >> > > HCP > > > > >> >> > > > > > management pack repo info closes > > > > apache/incubator-metron#1052 > > > > >> >> > > > > > 3 weeks ago METRON-1687: Upgrade the rat plugin to > > > > >> 0.13-SNAPSHOT > > > > >> >> > > closes > > > > >> >> > > > > > apache/incubator-metron#1126 > > > > >> >> > > > > > 3 weeks ago METRON-1694: Clean up Metron REST docs > > closes > > > > >> >> > > > > > apache/incubator-metron#1131 > > > > >> >> > > > > > 4 weeks ago METRON-1606 Add a 'wrap' to > > > incoming > > > > >> >> messages > > > > >> >> > > in > > > > >> >> > > > > the > > > > >> >> > > > > > metron json parser (ottobackwards) closes > > > > apache/metron#1054 > > > > >> >> > > > > > 4 weeks ago METRON-1672 Add metron-alerts's UI > > unit > > > > >> tests > > > > >> >> to > > > > >> >> > > > travis > > > > >> >> > > > > > build process (justinleet) closes apache/metron#1106 > > > > >> >> > > > > > 4 weeks ago METRON-1684 Fix Markdown problems in > > > > >> >> 3rdPartyParser.md > > > > >> >> > > > > > (justinleet) closes apache/metron#1110 > > > > >> >> > > > > > 4 weeks ago METRON-1657 Parser aggregation in storm > > > > >> (justinleet) > > > > >> >> > > closes > > > > >> >> > > > > > apache/metron#1099 > > > > >> >> > > > > > 4 weeks ago METRON-1651 Fixing failing protractor e2e > > > test > > > > >> >> (tiborm > > > > >> >> > > via > > > > >> >> > > > > > merrimanr) closes apache/metron#1095 > > > > >> >> > > > > > 4 weeks ago METRON-1673 Fix Javadoc errors > (justinleet) > > > > >> closes > > > > >> >> > > > > > apache/metron#1107 > > > > >> >> > > > > > 4 weeks ago METRON-1620: Fixes for forensic > clustering > > > use > > > > >> case > > > > >> >> > > example > > > > >> >> > > > > > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > >> >> > > > > > 4 weeks ago METRON-1659: The platform-info.sh should > > > check > > > > >> for > > > > >> >> the > > > > >> >> > > > > vagrant > > > > >> >> > > > > > hostmanager plugin closes > apache/incubator-metron#1100 > > > > >> >> > > > > > 4 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > >> >> > > > > > apache/incubator-metron#1101 > > > > >> >> > > > > > 4 weeks ago METRON-1236 Add start/stop/restart > commands > > > > that > > > > >> >> > execute > > > > >> >> > > > > > successfully, when ambari agents run as non-root user > > > > closes > > > > >> >> > > > > > apache/incubator-metron#1105 > > > > >> >> > > > > > 4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is > > > > locale > > > > >> >> > > sensitive > > > > >> >> > > > > > closes apache/incubator-metron#1104 > > > > >> >> > > > > > 5 weeks ago METRON-1660 On Solr, sorting by threat > > score > > > > >> fails > > > > >> >> > > > > (justinleet) > > > > >> >> > > > > > closes apache/metron#1102 > > > > >> >> > > > > > 5 weeks ago METRON-1656 Create KAKFA_SEEK function > > > > >> (nickwallen) > > > > >> >> > > closes > > > > >> >> > > > > > apache/metron#1097 > > > > >> >> > > > > > 5 weeks ago METRON-1644: Support parser chaining > closes > > > > >> >> > > > > > apache/incubator-metron#1084 > > > > >> >> > > > > > 5 weeks ago METRON-1655 Make REGEXP_MATCH take > multiple > > > > >> regexs > > > > >> >> in > > > > >> >> > the > > > > >> >> > > > 2nd > > > > >> >> > > > > > arg (ottobackwards) closes apache/metron#1098 > > > > >> >> > > > > > 6 weeks ago METRON-1643: Create a REGEX_ROUTING field > > > > >> >> > transformation > > > > >> >> > > > > closes > > > > >> >> > > > > > apache/incubator-metron#1083 > > > > >> >> > > > > > 6 weeks ago METRON-1652 Document X-Pack Common > Problem > > > > >> >> (nickwallen) > > > > >> >> > > > > closes > > > > >> >> > > > > > apache/metron#1092 > > > > >> >> > > > > > 6 weeks ago METRON-1649 Intermittent Test Failure > > > > >> >> > > > > > ProfileBuilderBoltTest#testFlushExpiredProfiles > > > > (nickwallen) > > > > >> >> closes > > > > >> >> > > > > > apache/metron#1090 > > > > >> >> > > > > > 6 weeks ago METRON-1635 Alerts UI status update > > > > doesn't > > > > >> >> > > > immediately > > > > >> >> > > > > > show up (merrimanr) closes apache/metron#1080 > > > > >> >> > > > > > 6 weeks ago METRON-1642: KafkaWriter should be able > > > choose > > > > >> the > > > > >> >> > topic > > > > >> >> > > > > from a > > > > >> >> > > > > > field in addition to topology construction time > closes > > > > >> >> > > > > > apache/incubator-metron#1082 > > > > >> >> > > > > > 6 weeks ago METRON-1636: Fix broken unit test setup > in > > > > >> >> > metron-alerts > > > > >> >> > > > > closes > > > > >> >> > > > > > apache/incubator-metron#1085 > > > > >> >> > > > > > 7 weeks ago METRON-1631 Alerts UI: Dash score does > not > > > show > > > > >> if > > > > >> >> only > > > > >> >> > > > > > filtering by one group (sardell via merrimanr) closes > > > > >> >> > > > apache/metron#1079 > > > > >> >> > > > > > 7 weeks ago METRON-1647 Fix logging level score > closes > > > > >> >> > > > > > apache/incubator-metron#1089 > > > > >> >> > > > > > 7 weeks ago METRON-1621: Sorting alerts table by > score > > > > closes > > > > >> >> > > > > > apache/incubator-metron#1088 > > > > >> >> > > > > > 7 weeks ago METRON-1619: Stellar empty collections > > should > > > > be > > > > >> >> > > considered > > > > >> >> > > > > > false in boolean expressions closes > > > > >> apache/incubator-metron#1064 > > > > >> >> > > > > > 7 weeks ago METRON-1646 Sensor Stubs should work when > > > > >> kerberized > > > > >> >> > > > > > (nickwallen) closes apache/metron#1087 > > > > >> >> > > > > > 7 weeks ago METRON-1645: Check wether the Solr > > management > > > > >> pack > > > > >> >> is > > > > >> >> > > > > installed > > > > >> >> > > > > > before configuring the solr principal name. closes > > > > >> >> > > > > > apache/incubator-metron#1086 > > > > >> >> > > > > > 7 weeks ago Merge branch 'master' into > > > > >> >> > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > > > 7 weeks ago METRON-1634 Alerts UI add comment > > > doesn't > > > > >> >> > > immediately > > > > >> >> > > > > show > > > > >> >> > > > > > up. (merrimanr) closes apache/metron#1077 > > > > >> >> > > > > > 7 weeks ago METRON-1489 Retrofit UI tests to run > > reliably > > > > >> during > > > > >> >> > > > nightly > > > > >> >> > > > > QE > > > > >> >> > > > > > runs (sardell via nickwallen) closes > apache/metron#1004 > > > > >> >> > > > > > 7 weeks ago METRON-1637 Wrong path to escalate alert > > REST > > > > >> >> endpoint > > > > >> >> > > > > > (merrimanr) closes apache/metron#1078 > > > > >> >> > > > > > 8 weeks ago METRON-1624 Set Profiler and Enrichment > > batch > > > > >> >> > parameters > > > > >> >> > > in > > > > >> >> > > > > > Ambari (nickwallen) closes apache/metron#1069 > > > > >> >> > > > > > 8 weeks ago Merge remote-tracking branch > > 'origin/master' > > > > into > > > > >> >> > > > > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > > > 8 weeks ago Merge branch 'master' into > > > > >> >> > > feature/METRON-1416-upgrade-solr > > > > >> >> > > > > > (nickwallen) closes apache/metron#1075 > > > > >> >> > > > > > 8 weeks ago METRON-1629 Update Solr documentation > > > > (merrimanr > > > > >> via > > > > >> >> > > > > > justinleet) closes apache/metron#1072 > > > > >> >> > > > > > 8 weeks ago METRON-1633 Incorrect instructions when > > > merging > > > > >> PR > > > > >> >> into > > > > >> >> > > > > feature > > > > >> >> > > > > > branch (nickwallen) closes apache/metron#1074 > > > > >> >> > > > > > 8 weeks ago METRON-1630 Add threat.triage.score.field > > to > > > > >> READMEs > > > > >> >> > > > > > (merrimanr) closes apache/metron#1073 > > > > >> >> > > > > > 8 weeks ago METRON-1609 Elasticsearch settings in > > Ambari > > > > >> should > > > > >> >> not > > > > >> >> > > be > > > > >> >> > > > > > required if Solr is the indexer (nickwallen) closes > > > > >> >> > > apache/metron#1056 > > > > >> >> > > > > > 8 weeks ago METRON-1627 Alerts UI: Metaalert details > > > > missing > > > > >> in > > > > >> >> > > details > > > > >> >> > > > > > panel when trying to add alert to existing metaalert > > > > (sardell > > > > >> >> via > > > > >> >> > > > > > justinleet) closes apache/metron#1070 > > > > >> >> > > > > > 8 weeks ago METRON-1625 Merge master into Solr > feature > > > > branch > > > > >> >> > > > (merrimanr) > > > > >> >> > > > > > closes apache/metron#1067 > > > > >> >> > > > > > 8 weeks ago METRON-1626 Alerts UI: An empty result is > > > > >> returned > > > > >> >> when > > > > >> >> > > > > > searching for a single alert contained in a metaalert > > > > >> (sardell > > > > >> >> via > > > > >> >> > > > > > nickwallen) closes apache/metron#1068 > > > > >> >> > > > > > 8 weeks ago METRON-1611 Increment master version > number > > > to > > > > >> 0.5.1 > > > > >> >> > for > > > > >> >> > > > > > on-going development (justinleet) closes > > > apache/metron#1057 > > > > >> >> > > > > > 8 weeks ago METRON-1622 Allow user to define global > > > > property > > > > >> >> > > > > > 'threat.triage.score.field' in Ambari (nickwallen) > > closes > > > > >> >> > > > > > apache/metron#1066 > > > > >> >> > > > > > 8 weeks ago METRON-1599 Allow user to define global > > > > property > > > > >> >> > > > > > 'source.type.field' in Ambari (nickwallen) closes > > > > >> >> > apache/metron#1047 > > > > >> >> > > > > > 8 weeks ago METRON-1616 Changing alert status fails > if > > no > > > > >> >> > metaalerts > > > > >> >> > > > have > > > > >> >> > > > > > been created yet (merrimanr) closes > apache/metron#1061 > > > > >> >> > > > > > 8 weeks ago METRON-1573 Enhance KAFKA_* functions to > > > return > > > > >> >> > partiti -- Jon
