I'm not aware of the bro plugin artifacts being used in any way. Jon
On Thu, Sep 6, 2018, 10:59 Justin Leet <justinjl...@gmail.com> wrote: > Do we use the artifacts directly at all? Or is it through bro-pkg only? > > Also, It's very possible I'm making a mountain out of a molehill here, and > if it's something that's not particularly important, it might be worthwhile > to just stick with what we did last time, and just table this discussion > until post release. It feels pretty nitpicky at this point, and if the > practical implications are pretty minor, I'd rather just get an RC out. > > On Thu, Sep 6, 2018 at 10:02 AM zeo...@gmail.com <zeo...@gmail.com> wrote: > > > Either is fine with me. If it's x.y in some parts of the app I prefer to > > keep it consistent throughout, but I'm also fine with lining up with > > Apache/Metron where we can. > > > > I also refreshed myself on why we avoided x.y.z initially and it was > > actually for this exact reason, we wanted consistent versioning > throughout > > a repo. This issue is with the bro plugins themselves, not bro-pkg, so I > > submit a JIRA <https://bro-tracker.atlassian.net/browse/BIT-1985>. > > > > Jon > > > > > > On Wed, Sep 5, 2018, 21:51 Justin Leet <justinjl...@gmail.com> wrote: > > > > > Makes sense. Do we have any objection to just going to the artifact > being > > > 0.2? Or do we want to keep the mixed versioning and just live with it, > > at > > > least for now? > > > > > > On Wed, Sep 5, 2018 at 8:58 PM zeo...@gmail.com <zeo...@gmail.com> > > wrote: > > > > > > > I think mattf-horton just did that as a part of convention. He > handled > > > > that part, and I did the 0.1 tagging (as a prereq to this > > > > < > > > > > > > > > > https://github.com/apache/metron/commit/2e78df67c12a6fcad726551128e9753ad36d5ee9#diff-8e3bdd364219306b1fad91047208e6e4R30 > > > > >) > > > > last time the package was released. > > > > > > > > Jon > > > > > > > > On Wed, Sep 5, 2018 at 8:28 PM Justin Leet <justinjl...@gmail.com> > > > wrote: > > > > > > > > > Any idea why we released it as 0.1.0 in the artifacts version? I'm > > > fine > > > > > with doing x.y if we need to, but I would like the artifact > > versioning > > > to > > > > > be consistent if possible. > > > > > > > > > > On Wed, Sep 5, 2018 at 8:26 PM zeo...@gmail.com <zeo...@gmail.com> > > > > wrote: > > > > > > > > > > > I lied, we didn't need to update our btests because it's limited > > to a > > > > > major > > > > > > and minor version. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/src/Plugin.cc#L33-L34 > > > > > > > > > > > > Jon > > > > > > > > > > > > On Wed, Sep 5, 2018 at 8:10 PM zeo...@gmail.com < > zeo...@gmail.com> > > > > > wrote: > > > > > > > > > > > > > I looked into x.y.z back when we released 0.1 and it was not > > > possible > > > > > in > > > > > > > bro-pkg at the time but now it is > > > > > > > <https://github.com/bro/package-manager/issues/32>. In order > to > > > do > > > > > > this, > > > > > > > we'll also need to configure bro-pkg.meta to require the proper > > > > version > > > > > > of > > > > > > > bro-pkg, as well as update the btests for the new version > string. > > > I > > > > > will > > > > > > > throw together a JIRA and PR to do all this in case we decide > to > > > > align > > > > > > with > > > > > > > x.y.z; we can trash it if we decide to stay with x.y. > > > > > > > > > > > > > > Jon > > > > > > > > > > > > > > On Wed, Sep 5, 2018 at 7:35 PM Justin Leet < > > justinjl...@gmail.com> > > > > > > wrote: > > > > > > > > > > > > > >> Long story short, while preparing the release candidate, I > > > > discovered > > > > > > our > > > > > > >> metron-bro-plugin-kafka is inconsistently versioned. > > > > > > >> > > > > > > >> In the repo, it's x.y (e.g. 0.2) > > > > > > >> See: > > > > > > >> > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/VERSION#L18 > > > > > > >> > > > > > > >> In our released artifact, it's x.y.z (e.g. 0.1.0) > > > > > > >> See http://archive.apache.org/dist/metron/0.4.2/ > > > > > > >> > > > > > > >> Going forward from this release, I'd like the artifact to be > > > > > consistent > > > > > > >> with the repo. I'd personally prefer x.y.z to be entirely > > > > consistent > > > > > > >> throughout Metron, but if there's a particular reason why it > was > > > x.y > > > > > I'm > > > > > > >> happy to entertain it. > > > > > > >> > > > > > > >> If we choose to move to x.y.z, I can provide a PR to update > the > > > > > version > > > > > > to > > > > > > >> 0.2.0 unless someone else wants to volunteer. Otherwise, I'd > > like > > > to > > > > > > >> release the artifact as > > apache-metron-bro-plugin-kafka_0.2.tar.gz > > > > > > >> > > > > > > >> Justin > > > > > > >> > > > > > > >> On Tue, Sep 4, 2018 at 12:15 PM Justin Leet < > > > justinjl...@gmail.com> > > > > > > >> wrote: > > > > > > >> > > > > > > >> > As an update, I'll be working on starting the release > process > > > > > rolling > > > > > > >> > today. The PCAP Query panel feature branch is in master and > I > > > > > haven't > > > > > > >> heard > > > > > > >> > of any other potential blockers. I'd appreciate everyone > > > updating > > > > > > their > > > > > > >> > JIRAs with their state (complete, etc.) and version (0.6.0) > as > > > > > needed. > > > > > > >> > > > > > > > >> > Do we have anything that needs to go into the UPGRADING.md > > file? > > > > > > >> > > > > > > > >> > A PR is out for updating the version from 0.5.1 to 0.6.0. > > Please > > > > see > > > > > > >> > https://github.com/apache/metron/pull/1183. I still need to > > > spin > > > > up > > > > > > >> full > > > > > > >> > dev etc. before this is ready to be merged. > > > > > > >> > > > > > > > >> > Updated list of PRs that have made it into master as of Sept > > 4, > > > > 2018 > > > > > > >> > > > > > > > >> > 6 days ago METRON-1751 Storm Profiler dies when consuming > null > > > > > message > > > > > > >> > (nickwallen) closes apache/metron#1176 > > > > > > >> > 6 days ago METRON-1757 Storm Profiler Serialization > Exception > > > > > > >> (nickwallen) > > > > > > >> > closes apache/metron#1178 > > > > > > >> > 6 days ago METRON-1743 CEF testPaloAltoCEF test using a > > > confusing > > > > > > >> variable > > > > > > >> > name (JonZeolla via justinleet) closes apache/metron#1173 > > > > > > >> > 8 days ago METRON-1752 Prevent package.lock from changing > > during > > > > > build > > > > > > >> > (sardell via merrimanr) closes apache/metron#1177 > > > > > > >> > 8 days ago METRON-1724 Date/time validation missing in PCAP > > > query > > > > > > >> (tiborm > > > > > > >> > via nickwallen) closes apache/metron#1172 > > > > > > >> > 3 weeks ago METRON-1554 Pcap Query Panel (merrimanr) closes > > > > > > >> > apache/metron#1169 > > > > > > >> > 3 weeks ago METRON-1739 UDP packets are not handled > > (merrimanr) > > > > > closes > > > > > > >> > apache/metron#1168 > > > > > > >> > 3 weeks ago METRON-1727: Alerts are not populated on the > > alerts > > > UI > > > > > > after > > > > > > >> > enabling X-pack for Elastic search (MohanDV via mmiklavc) > > closes > > > > > > >> > apache/metron#1141 > > > > > > >> > 3 weeks ago METRON-1738: Pcap directories should have > correct > > > > > > >> permissions > > > > > > >> > (merrimanr via mmiklavc) closes apache/metron#1166 > > > > > > >> > 3 weeks ago METRON-1737: Document Job cleanup (merrimanr via > > > > > mmiklavc) > > > > > > >> > closes apache/metron#1164 > > > > > > >> > 3 weeks ago METRON-1732: Fix job status liveness bug and > > > > parallelize > > > > > > >> > finalizer file writing (mmiklavc via mmiklavc) closes > > > > > > apache/metron#1157 > > > > > > >> > 3 weeks ago METRON-1735 Empty print status option causes NPE > > > > > > (merrimanr) > > > > > > >> > closes apache/metron#1160 > > > > > > >> > 3 weeks ago METRON-1733 PCAP UI - PCAP queries don't > work > > > on > > > > > > Safari > > > > > > >> > (sardell via merrimanr) closes apache/metron#1158 > > > > > > >> > 3 weeks ago METRON-1734 Src and Dst port filters are > incorrect > > > > after > > > > > > >> > changing to empty (merrimanr) closes apache/metron#1159 > > > > > > >> > 4 weeks ago METRON-1725 Add ability to specify YARN queue > for > > > pcap > > > > > > jobs > > > > > > >> > (merrimanr) closes apache/metron#1153 > > > > > > >> > 4 weeks ago METRON-1731: PCAP - Escape colons in output dir > > > names > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1155 > > > > > > >> > 4 weeks ago METRON-1702 Reload a running job in the UI > > > (merrimanr) > > > > > > >> closes > > > > > > >> > apache/metron#1156 > > > > > > >> > 4 weeks ago METRON-1722 PcapCLI should print progress to > > stdout > > > > > > >> > (merrimanr) closes apache/metron#1138 > > > > > > >> > 4 weeks ago Merge branch 'master' into > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > >> > 4 weeks ago METRON-1728: Handle null values in config in > Pcap > > > > > backend > > > > > > >> more > > > > > > >> > gracefully (mmiklavc via mmiklavc) closes apache/metron#1151 > > > > > > >> > 4 weeks ago METRON-1730: Update steps to run pycapa on > Centos > > 6 > > > > > > >> (mmiklavc > > > > > > >> > via mmiklavc) closes apache/metron#1152 > > > > > > >> > 4 weeks ago METRON-1713 PCAP UI - Add a way to kill a pcap > job > > > > > (tiborm > > > > > > >> via > > > > > > >> > merrimanr) closes apache/metron#1143 > > > > > > >> > 4 weeks ago METRON-1723 PCAP UI - Unable to select/copy from > > > > packets > > > > > > >> > details in PCAP query panel (sardell via merrimanr) closes > > > > > > >> > apache/metron#1139 > > > > > > >> > 4 weeks ago METRON-1712 PCAP UI - Input validation (tiborm > via > > > > > > >> merrimanr) > > > > > > >> > closes apache/metron#1142 > > > > > > >> > 4 weeks ago METRON-1720 Better error messages when there are > > no > > > > > > results > > > > > > >> or > > > > > > >> > wireshark is not installed (merrimanr) closes > > apache/metron#1154 > > > > > > >> > 4 weeks ago METRON-1726: Refactor > PcapTopologyIntegrationTest > > > > > > (mmiklavc > > > > > > >> > via mmiklavc) closes apache/metron#1140 > > > > > > >> > 4 weeks ago METRON-1683 PCAP UI - Fix the download progress > > bar > > > > > > (sardell > > > > > > >> > via merrimanr) closes apache/metron#1122 > > > > > > >> > 4 weeks ago METRON-1675 PCAP UI - Introduce the paging > > > capability > > > > > > >> (sardell > > > > > > >> > via merrimanr) closes apache/metron#1121 > > > > > > >> > 4 weeks ago METRON-1721 New default input path is wrong in > > pcap > > > > CLI > > > > > > >> > (merrimanr) closes apache/metron#1137 > > > > > > >> > 4 weeks ago Merge branch 'master' into > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > >> > 4 weeks ago METRON-1676 PCAP UI - Add data range selector to > > the > > > > > > filter > > > > > > >> > bar (tiborm via merrimanr) closes apache/metron#1119 > > > > > > >> > 5 weeks ago METRON-1662 PCAP UI - Downloading PCAP page > files > > > > > (tiborm > > > > > > >> via > > > > > > >> > merrimanr) closes apache/metron#1118 > > > > > > >> > 5 weeks ago METRON-1700 Create REST endpoint to get job > > > > > configuration > > > > > > >> > (merrimanr) closes apache/metron#1135 > > > > > > >> > 5 weeks ago METRON-1671 Create PCAP UI (tiborm via > merrimanr) > > > > closes > > > > > > >> > apache/metron#1103 > > > > > > >> > 5 weeks ago METRON-1701 Update General notes on the > > installation > > > > of > > > > > > >> Pycapa > > > > > > >> > on Kerberized cluster (MohanDV via nickwallen) closes > > > > > > apache/metron#1136 > > > > > > >> > 6 weeks ago METRON-1650 Packaging docker containers are too > > > large > > > > > > >> > (jameslamb via merrimanr) closes apache/metron#1091 > > > > > > >> > 6 weeks ago METRON-1604 : Add RHEL 7 power pc to OS family > for > > > the > > > > > HCP > > > > > > >> > management pack repo info closes > apache/incubator-metron#1052 > > > > > > >> > 6 weeks ago Merge branch 'master' into > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > >> > 6 weeks ago METRON-1687: Upgrade the rat plugin to > > 0.13-SNAPSHOT > > > > > > closes > > > > > > >> > apache/incubator-metron#1126 > > > > > > >> > 6 weeks ago METRON-1694: Clean up Metron REST docs closes > > > > > > >> > apache/incubator-metron#1131 > > > > > > >> > 6 weeks ago METRON-1691: REST should limit the number of > Pcap > > > > jobs a > > > > > > >> user > > > > > > >> > can submit (merrimanr via mmiklavc) closes > apache/metron#1129 > > > > > > >> > 6 weeks ago METRON-1693: Fix Pcap CLI local FS finalizer > > > (mmiklavc > > > > > via > > > > > > >> > mmiklavc) closes apache/metron#1130 > > > > > > >> > 6 weeks ago METRON-1690: Add more context to PcapJob > JobStatus > > > > > > (mmiklavc > > > > > > >> > via mmiklavc) closes apache/metron#1128 > > > > > > >> > 6 weeks ago METRON-1661 Create Pcap Query Filter endpoint > > > > > (merrimanr) > > > > > > >> > closes apache/metron#1125 > > > > > > >> > 6 weeks ago METRON-1560 Update MPack to support Pcap panel > > > > > (merrimanr) > > > > > > >> > closes apache/metron#1124 > > > > > > >> > 7 weeks ago METRON-1606 Add a 'wrap' to incoming > > > > messages > > > > > in > > > > > > >> the > > > > > > >> > metron json parser (ottobackwards) closes apache/metron#1054 > > > > > > >> > 7 weeks ago METRON-1562 Enable Kerberos in REST for YARN and > > MR > > > > jobs > > > > > > >> > (merrimanr) closes apache/metron#1094 > > > > > > >> > 7 weeks ago Merge branch 'master' into > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > >> > 7 weeks ago METRON-1685 Retrieve Pcap results in raw binary > > > format > > > > > > >> > (merrimanr) closes apache/metron#1123 > > > > > > >> > 7 weeks ago METRON-1638 Retrieve Pcap results in pdml format > > > > > > (merrimanr) > > > > > > >> > closes apache/metron#1120 > > > > > > >> > 7 weeks ago METRON-1686 Create stop job endpoint for Pcap > > > queries > > > > > > >> > (mmiklavc via merrimanr) closes apache/metron#1115 > > > > > > >> > 7 weeks ago METRON-1674 Create REST endpoint for job status > > > > > > abstraction > > > > > > >> > (merrimanr) closes apache/metron#1109 > > > > > > >> > 7 weeks ago METRON-1672 Add metron-alerts's UI unit > tests > > > to > > > > > > travis > > > > > > >> > build process (justinleet) closes apache/metron#1106 > > > > > > >> > 7 weeks ago METRON-1614: Create job status abstraction > > (mmiklavc > > > > via > > > > > > >> > mmiklavc) closes apache/metron#1108 > > > > > > >> > 7 weeks ago METRON-1684 Fix Markdown problems in > > > 3rdPartyParser.md > > > > > > >> > (justinleet) closes apache/metron#1110 > > > > > > >> > 7 weeks ago METRON-1657 Parser aggregation in storm > > (justinleet) > > > > > > closes > > > > > > >> > apache/metron#1099 > > > > > > >> > 7 weeks ago METRON-1651 Fixing failing protractor e2e test > > > (tiborm > > > > > via > > > > > > >> > merrimanr) closes apache/metron#1095 > > > > > > >> > 7 weeks ago METRON-1673 Fix Javadoc errors (justinleet) > closes > > > > > > >> > apache/metron#1107 > > > > > > >> > 7 weeks ago METRON-1620: Fixes for forensic clustering use > > case > > > > > > example > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > > > >> > 7 weeks ago METRON-1659: The platform-info.sh should check > for > > > the > > > > > > >> vagrant > > > > > > >> > hostmanager plugin closes apache/incubator-metron#1100 > > > > > > >> > 7 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > > > >> > apache/incubator-metron#1101 > > > > > > >> > 7 weeks ago METRON-1236 Add start/stop/restart commands that > > > > execute > > > > > > >> > successfully, when ambari agents run as non-root user closes > > > > > > >> > apache/incubator-metron#1105 > > > > > > >> > 7 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is locale > > > > > sensitive > > > > > > >> > closes apache/incubator-metron#1104 > > > > > > >> > 8 weeks ago METRON-1660 On Solr, sorting by threat score > fails > > > > > > >> > (justinleet) closes apache/metron#1102 > > > > > > >> > 8 weeks ago METRON-1656 Create KAKFA_SEEK function > > (nickwallen) > > > > > closes > > > > > > >> > apache/metron#1097 > > > > > > >> > 8 weeks ago Resolve merge conflicts with master. > > > > > > >> > 8 weeks ago METRON-1641: Enable Pcap jobs to be submitted > > > > > > asynchronously > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1081 > > > > > > >> > 8 weeks ago METRON-1644: Support parser chaining closes > > > > > > >> > apache/incubator-metron#1084 > > > > > > >> > 8 weeks ago METRON-1655 Make REGEXP_MATCH take multiple > regexs > > > in > > > > > the > > > > > > >> 2nd > > > > > > >> > arg (ottobackwards) closes apache/metron#1098 > > > > > > >> > 9 weeks ago METRON-1643: Create a REGEX_ROUTING field > > > > transformation > > > > > > >> > closes apache/incubator-metron#1083 > > > > > > >> > 9 weeks ago METRON-1652 Document X-Pack Common Problem > > > > (nickwallen) > > > > > > >> closes > > > > > > >> > apache/metron#1092 > > > > > > >> > 9 weeks ago METRON-1649 Intermittent Test Failure > > > > > > >> > ProfileBuilderBoltTest#testFlushExpiredProfiles (nickwallen) > > > > closes > > > > > > >> > apache/metron#1090 > > > > > > >> > 9 weeks ago METRON-1635 Alerts UI status update doesn't > > > > > > immediately > > > > > > >> > show up (merrimanr) closes apache/metron#1080 > > > > > > >> > 9 weeks ago METRON-1642: KafkaWriter should be able choose > the > > > > topic > > > > > > >> from > > > > > > >> > a field in addition to topology construction time closes > > > > > > >> > apache/incubator-metron#1082 > > > > > > >> > 9 weeks ago METRON-1636: Fix broken unit test setup in > > > > metron-alerts > > > > > > >> > closes apache/incubator-metron#1085 > > > > > > >> > 10 weeks ago METRON-1631 Alerts UI: Dash score does not show > > if > > > > only > > > > > > >> > filtering by one group (sardell via merrimanr) closes > > > > > > apache/metron#1079 > > > > > > >> > 10 weeks ago METRON-1647 Fix logging level score closes > > > > > > >> > apache/incubator-metron#1089 > > > > > > >> > 10 weeks ago METRON-1621: Sorting alerts table by score > closes > > > > > > >> > apache/incubator-metron#1088 > > > > > > >> > 10 weeks ago METRON-1619: Stellar empty collections should > be > > > > > > considered > > > > > > >> > false in boolean expressions closes > > apache/incubator-metron#1064 > > > > > > >> > 10 weeks ago METRON-1646 Sensor Stubs should work when > > > kerberized > > > > > > >> > (nickwallen) closes apache/metron#1087 > > > > > > >> > 10 weeks ago METRON-1645: Check wether the Solr management > > pack > > > is > > > > > > >> > installed before configuring the solr principal name. closes > > > > > > >> > apache/incubator-metron#1086 > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 2 months ago METRON-1634 Alerts UI add comment doesn't > > > > > > immediately > > > > > > >> > show up. (merrimanr) closes apache/metron#1077 > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > >> > feature/METRON-1554-pcap-query-panel > > > > > > >> > 2 months ago METRON-1555 Update REST to run YARN and MR jobs > > > > > > (merrimanr) > > > > > > >> > closes apache/metron#1019 > > > > > > >> > 2 months ago METRON-1489 Retrofit UI tests to run reliably > > > during > > > > > > >> nightly > > > > > > >> > QE runs (sardell via nickwallen) closes apache/metron#1004 > > > > > > >> > 2 months ago METRON-1637 Wrong path to escalate alert REST > > > > endpoint > > > > > > >> > (merrimanr) closes apache/metron#1078 > > > > > > >> > 2 months ago METRON-1624 Set Profiler and Enrichment batch > > > > > parameters > > > > > > in > > > > > > >> > Ambari (nickwallen) closes apache/metron#1069 > > > > > > >> > 2 months ago Merge remote-tracking branch 'origin/master' > into > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > (nickwallen) closes apache/metron#1075 > > > > > > >> > 2 months ago METRON-1629 Update Solr documentation > (merrimanr > > > via > > > > > > >> > justinleet) closes apache/metron#1072 > > > > > > >> > 3 months ago METRON-1633 Incorrect instructions when merging > > PR > > > > into > > > > > > >> > feature branch (nickwallen) closes apache/metron#1074 > > > > > > >> > 3 months ago METRON-1630 Add threat.triage.score.field to > > > READMEs > > > > > > >> > (merrimanr) closes apache/metron#1073 > > > > > > >> > 3 months ago METRON-1609 Elasticsearch settings in Ambari > > should > > > > not > > > > > > be > > > > > > >> > required if Solr is the indexer (nickwallen) closes > > > > > apache/metron#1056 > > > > > > >> > 3 months ago METRON-1627 Alerts UI: Metaalert details > missing > > in > > > > > > details > > > > > > >> > panel when trying to add alert to existing metaalert > (sardell > > > via > > > > > > >> > justinleet) closes apache/metron#1070 > > > > > > >> > 3 months ago METRON-1625 Merge master into Solr feature > branch > > > > > > >> (merrimanr) > > > > > > >> > closes apache/metron#1067 > > > > > > >> > 3 months ago METRON-1626 Alerts UI: An empty result is > > returned > > > > when > > > > > > >> > searching for a single alert contained in a metaalert > (sardell > > > via > > > > > > >> > nickwallen) closes apache/metron#1068 > > > > > > >> > 3 months ago METRON-1611 Increment master version number to > > > 0.5.1 > > > > > for > > > > > > >> > on-going development (justinleet) closes apache/metron#1057 > > > > > > >> > 3 months ago METRON-1622 Allow user to define global > property > > > > > > >> > 'threat.triage.score.field' in Ambari (nickwallen) closes > > > > > > >> apache/metron#1066 > > > > > > >> > 3 months ago METRON-1599 Allow user to define global > property > > > > > > >> > 'source.type.field' in Ambari (nickwallen) closes > > > > apache/metron#1047 > > > > > > >> > 3 months ago METRON-1616 Changing alert status fails if no > > > > > metaalerts > > > > > > >> have > > > > > > >> > been created yet (merrimanr) closes apache/metron#1061 > > > > > > >> > 3 months ago METRON-1573 Enhance KAFKA_* functions to return > > > > > partition > > > > > > >> and > > > > > > >> > offset details (nickwallen) closes apache/metron#1030 > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago METRON-1617: Make threat triage score function > > with > > > > > dots > > > > > > as > > > > > > >> > well as colons closes apache/incubator-metron#1062 > > > > > > >> > 3 months ago METRON-1613 Metaalerts status update broken in > > > Alerts > > > > > UI > > > > > > >> > (merrimanr) closes apache/metron#1059 > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago METRON-1588 Migrate storm-kafka-client to 1.2.1 > > > > closes > > > > > > >> > apache/incubator-metron#1039 > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago Merge branch 'feature/METRON-1416-upgrade-solr' > > of > > > > > > >> > https://git-wip-us.apache.org/repos/asf/metron into > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 3 months ago METRON-1587 Make collection utility work for > HDP > > > > search > > > > > > >> > (merrimanr) closes apache/metron#1043 > > > > > > >> > 3 months ago METRON-1612 Fix website download links > > (justinleet) > > > > > > closes > > > > > > >> > apache/metron#1058 > > > > > > >> > 3 months ago METRON-1608 Add configuration for > > > threat.triage.field > > > > > > name > > > > > > >> > (merrimanr) closes apache/metron#1055 > > > > > > >> > 3 months ago METRON-1585 SolrRetrieveLatestDao does not use > > the > > > > > > >> collection > > > > > > >> > lookup (justinleet via merrimanr) closes apache/metron#1050 > > > > > > >> > 3 months ago METRON-1533 Create KAFKA_FIND Stellar Function > > > > > > (nickwallen) > > > > > > >> > closes apache/metron#1025 > > > > > > >> > 3 months ago METRON-1601: Rename metaalert alert nested > field > > to > > > > > > >> > metron_alert to avoid collision closes > > > > apache/incubator-metron#1049 > > > > > > >> > 3 months ago METRON-1572 Enhance KAFKA_PUT function > > (nickwallen) > > > > > > closes > > > > > > >> > apache/metron#1024 > > > > > > >> > 3 months ago METRON-1607 update public web site to point at > > > 0.5.0 > > > > > new > > > > > > >> > release (justinleet) closes apache/metron#1053 > > > > > > >> > 3 months ago METRON-1568: Stellar should have a _ special > > > variable > > > > > > which > > > > > > >> > returns the message in map form closes > > > > apache/incubator-metron#1021 > > > > > > >> > 3 months ago METRON-1594: KafkaWriter is asynchronous and > may > > > lose > > > > > > data > > > > > > >> on > > > > > > >> > node failure (mmiklavc via mmiklavc) closes > apache/metron#1045 > > > > > > >> > 3 months ago METRON-1603: Fix multivalue field errors in Bro > > > Solr > > > > > > schema > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > > > >> > 3 months ago METRON-1584 Indexing Topology Crashes with > > Invalid > > > > > > Message > > > > > > >> > (nickwallen) closes apache/metron#1036 > > > > > > >> > 3 months ago METRON-1547 Solr Comment Fields (justinleet) > > closes > > > > > > >> > apache/metron#1037 > > > > > > >> > 3 months ago METRON-1553 Validate JIRA Script Error > > (nickwallen) > > > > > > closes > > > > > > >> > apache/metron#1013 > > > > > > >> > 3 months ago METRON-1592 Unable to use third party parser > with > > > > Storm > > > > > > >> > versions >= 1.1.0 (nickwallen) closes apache/metron#1042 > > > > > > >> > 3 months ago METRON-1598 NoClassDefFoundError when running > > with > > > > > > >> > Elasticsearch X-Pack (nickwallen) closes apache/metron#1048 > > > > > > >> > 3 months ago METRON-1589 '/api/v1/search/search' fails when > > > 'Solr > > > > > > >> > Zookeeper Urls' has comma separated multiple zookeeper urls > > > > > > (justinleet) > > > > > > >> > closes apache/metron#1040 > > > > > > >> > 3 months ago METRON-1593 Setting Metron rest additional > > > classpath > > > > > > >> removes > > > > > > >> > HBase and Hadoop configs from classpath (merrimanr) closes > > > > > > >> > apache/metron#1044 > > > > > > >> > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek to End > Logic > > > > > > >> (nickwallen) > > > > > > >> > closes apache/metron#1023 > > > > > > >> > 3 months ago METRON-1579: Stellar should return the > expression > > > > that > > > > > > >> failed > > > > > > >> > in the exception closes apache/incubator-metron#1033 > > > > > > >> > 3 months ago METRON-1586 Defaulting for the source type > field > > in > > > > > > alerts > > > > > > >> UI > > > > > > >> > does not work (merrimanr via justinleet) closes > > > apache/metron#1038 > > > > > > >> > 3 months ago METRON-1569: Allow user to change field name > > > > conversion > > > > > > >> when > > > > > > >> > indexing to Elasticsearch (nickwallen via mmiklavc) closes > > > > > > >> > apache/metron#1022 > > > > > > >> > 3 months ago METRON-1544 Flaky test: > > > > > > >> > > > > > > > > > > > > > org.apache.metron.stellar.common.CachingStellarProcessorTest#testCaching > > > > > > >> > (nickwallen) closes apache/metron#1015 > > > > > > >> > 3 months ago METRON-1580 Release candidate check script > > requires > > > > Bro > > > > > > >> > Plugin (nickwallen via ottobackwards) closes > > apache/metron#1034 > > > > > > >> > 3 months ago METRON-1532 Getting started documentation > > > > improvements > > > > > > >> > (sardell via nickwallen) closes apache/metron#1001 > > > > > > >> > 3 months ago METRON-1577 Solr searches don't include > the > > > > index > > > > > of > > > > > > >> the > > > > > > >> > result (merrimanr) closes apache/metron#1031 > > > > > > >> > 3 months ago METRON-1421 Create a SolrMetaAlertDao > > (justinleet) > > > > > closes > > > > > > >> > apache/metron#970 > > > > > > >> > 4 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 4 months ago METRON-1567 Large error message can't be > > > written > > > > > in > > > > > > >> Solr > > > > > > >> > (justinleet) closes apache/metron#1020 > > > > > > >> > 4 months ago METRON-1540 Solr Integration tests should use > > > actual > > > > > > >> schemas > > > > > > >> > (justinleet) closes apache/metron#1005 > > > > > > >> > 4 months ago Merge remote-tracking branch 'origin/master' > into > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > >> > 4 months ago METRON-1526 Location field types cause > > > DocValuesField > > > > > > >> appear > > > > > > >> > more than once error (merrimanr via justinleet) closes > > > > > > apache/metron#995 > > > > > > >> > 5 months ago METRON-1503 Alerts are not getting populated in > > > > alerts > > > > > UI > > > > > > >> > when search engine is Solr (merrimanr) closes > > apache/metron#975 > > > > > > >> > 6 months ago METRON-1424 Kerberos: Solr (merrimanr) closes > > > > > > >> > apache/metron#960 > > > > > > >> > 6 months ago METRON-1482 Update REST to work with Solr > > > (merrimanr) > > > > > > >> closes > > > > > > >> > apache/metron#957 > > > > > > >> > 6 months ago METRON-1464 Convert schemas to be compatible > with > > > > Solr > > > > > > >> 5.5.2 > > > > > > >> > (merrimanr) closes apache/metron#945 > > > > > > >> > 6 months ago METRON-1423 Ambari work to handle Solr > > > configuration > > > > > > >> > (merrimanr) closes apache/metron#934 > > > > > > >> > 6 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 7 months ago METRON-1448: Update SolrWriter to conform to > new > > > > > > collection > > > > > > >> > strategy this closes apache/incubator-metron#929 > > > > > > >> > 7 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 7 months ago Merge branch 'master' into > > > > > > feature/METRON-1416-upgrade-solr > > > > > > >> > 7 months ago METRON-1441: Create complementary Solr schemas > > for > > > > the > > > > > > main > > > > > > >> > sensors this closes apache/metron#922 > > > > > > >> > 7 months ago METRON-1436: Manually Install Solr Cloud in > Full > > > Dev > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#918 > > > > > > >> > 7 months ago METRON-1419: Create a SolrDao this closes > > > > > > >> > apache/incubator-metron#911 > > > > > > >> > > > > > > > >> > > > > > > > >> > On Wed, Aug 15, 2018 at 2:15 PM Michael Miklavcic < > > > > > > >> > michael.miklav...@gmail.com> wrote: > > > > > > >> > > > > > > > >> >> +1 here as well to the proposed releases. > > > > > > >> >> > > > > > > >> >> On Wed, Aug 15, 2018 at 11:06 AM Casey Stella < > > > > ceste...@gmail.com> > > > > > > >> wrote: > > > > > > >> >> > > > > > > >> >> > +1 to both releases, this is plenty for an 0.6.0 and a > > 0.2.0 > > > > > > >> >> > > > > > > > >> >> > On Wed, Aug 15, 2018 at 11:04 AM Justin Leet < > > > > > > justinjl...@gmail.com> > > > > > > >> >> > wrote: > > > > > > >> >> > > > > > > > >> >> > > I just sent a thread about release cadence. Jon, I'd > > > > recommend > > > > > > >> >> starting a > > > > > > >> >> > > thread on a 1.0 roadmap. I thought about merging the > > > > threads, > > > > > > but > > > > > > >> I > > > > > > >> >> > think > > > > > > >> >> > > that's just going to result in more crosstalk, so I'll > > let > > > > you > > > > > > >> start > > > > > > >> >> that > > > > > > >> >> > > conversation. > > > > > > >> >> > > > > > > > > >> >> > > On Wed, Aug 15, 2018 at 10:37 AM Nick Allen < > > > > > n...@nickallen.org> > > > > > > >> >> wrote: > > > > > > >> >> > > > > > > > > >> >> > > > +1 to a 0.6.0 release that includes the Pcap Panel > and > > > Solr > > > > > > work. > > > > > > >> >> > > > > > > > > > >> >> > > > +1 to doing a 0.2.0 release for > > > metron-bro-plugin-kafka. I > > > > > > >> *think* > > > > > > >> >> we > > > > > > >> >> > > need > > > > > > >> >> > > > to do the plugin release first, so that the 0.6.0 > > Metron > > > > > > release > > > > > > >> >> will > > > > > > >> >> > > point > > > > > > >> >> > > > to plugin 0.2.0. > > > > > > >> >> > > > > > > > > > >> >> > > > FWIW, here are the changes since the last release. > > > > > > >> >> > > > > > > > > > >> >> > > > 6 days ago METRON-1730: Update steps to run pycapa on > > > > Centos > > > > > 6 > > > > > > >> >> > (mmiklavc > > > > > > >> >> > > > via mmiklavc) closes apache/metron#1152 > > > > > > >> >> > > > 2 weeks ago METRON-1701 Update General notes on the > > > > > > installation > > > > > > >> of > > > > > > >> >> > > Pycapa > > > > > > >> >> > > > on Kerberized cluster (MohanDV via nickwallen) closes > > > > > > >> >> > apache/metron#1136 > > > > > > >> >> > > > 3 weeks ago METRON-1650 Packaging docker containers > are > > > too > > > > > > large > > > > > > >> >> > > > (jameslamb via merrimanr) closes apache/metron#1091 > > > > > > >> >> > > > 3 weeks ago METRON-1604 : Add RHEL 7 power pc to OS > > > family > > > > > for > > > > > > >> the > > > > > > >> >> HCP > > > > > > >> >> > > > management pack repo info closes > > > > apache/incubator-metron#1052 > > > > > > >> >> > > > 3 weeks ago METRON-1687: Upgrade the rat plugin to > > > > > > 0.13-SNAPSHOT > > > > > > >> >> closes > > > > > > >> >> > > > apache/incubator-metron#1126 > > > > > > >> >> > > > 3 weeks ago METRON-1694: Clean up Metron REST docs > > closes > > > > > > >> >> > > > apache/incubator-metron#1131 > > > > > > >> >> > > > 4 weeks ago METRON-1606 Add a 'wrap' to > > > incoming > > > > > > >> messages > > > > > > >> >> in > > > > > > >> >> > > the > > > > > > >> >> > > > metron json parser (ottobackwards) closes > > > > apache/metron#1054 > > > > > > >> >> > > > 4 weeks ago METRON-1672 Add metron-alerts's UI > > unit > > > > > tests > > > > > > to > > > > > > >> >> > travis > > > > > > >> >> > > > build process (justinleet) closes apache/metron#1106 > > > > > > >> >> > > > 4 weeks ago METRON-1684 Fix Markdown problems in > > > > > > >> 3rdPartyParser.md > > > > > > >> >> > > > (justinleet) closes apache/metron#1110 > > > > > > >> >> > > > 4 weeks ago METRON-1657 Parser aggregation in storm > > > > > > (justinleet) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1099 > > > > > > >> >> > > > 4 weeks ago METRON-1651 Fixing failing protractor e2e > > > test > > > > > > >> (tiborm > > > > > > >> >> via > > > > > > >> >> > > > merrimanr) closes apache/metron#1095 > > > > > > >> >> > > > 4 weeks ago METRON-1673 Fix Javadoc errors > (justinleet) > > > > > closes > > > > > > >> >> > > > apache/metron#1107 > > > > > > >> >> > > > 4 weeks ago METRON-1620: Fixes for forensic > clustering > > > use > > > > > case > > > > > > >> >> example > > > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > > > >> >> > > > 4 weeks ago METRON-1659: The platform-info.sh should > > > check > > > > > for > > > > > > >> the > > > > > > >> >> > > vagrant > > > > > > >> >> > > > hostmanager plugin closes > apache/incubator-metron#1100 > > > > > > >> >> > > > 4 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > > > >> >> > > > apache/incubator-metron#1101 > > > > > > >> >> > > > 4 weeks ago METRON-1236 Add start/stop/restart > commands > > > > that > > > > > > >> execute > > > > > > >> >> > > > successfully, when ambari agents run as non-root user > > > > closes > > > > > > >> >> > > > apache/incubator-metron#1105 > > > > > > >> >> > > > 4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is > > > > locale > > > > > > >> >> sensitive > > > > > > >> >> > > > closes apache/incubator-metron#1104 > > > > > > >> >> > > > 5 weeks ago METRON-1660 On Solr, sorting by threat > > score > > > > > fails > > > > > > >> >> > > (justinleet) > > > > > > >> >> > > > closes apache/metron#1102 > > > > > > >> >> > > > 5 weeks ago METRON-1656 Create KAKFA_SEEK function > > > > > (nickwallen) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1097 > > > > > > >> >> > > > 5 weeks ago METRON-1644: Support parser chaining > closes > > > > > > >> >> > > > apache/incubator-metron#1084 > > > > > > >> >> > > > 5 weeks ago METRON-1655 Make REGEXP_MATCH take > multiple > > > > > regexs > > > > > > in > > > > > > >> >> the > > > > > > >> >> > 2nd > > > > > > >> >> > > > arg (ottobackwards) closes apache/metron#1098 > > > > > > >> >> > > > 6 weeks ago METRON-1643: Create a REGEX_ROUTING field > > > > > > >> transformation > > > > > > >> >> > > closes > > > > > > >> >> > > > apache/incubator-metron#1083 > > > > > > >> >> > > > 6 weeks ago METRON-1652 Document X-Pack Common > Problem > > > > > > >> (nickwallen) > > > > > > >> >> > > closes > > > > > > >> >> > > > apache/metron#1092 > > > > > > >> >> > > > 6 weeks ago METRON-1649 Intermittent Test Failure > > > > > > >> >> > > > ProfileBuilderBoltTest#testFlushExpiredProfiles > > > > > > >> >> > > > (nickwallen) closes apache/metron#1090 > > > > > > >> >> > > > 6 weeks ago METRON-1635 Alerts UI status update > > > > doesn't > > > > > > >> >> > immediately > > > > > > >> >> > > > show up (merrimanr) closes apache/metron#1080 > > > > > > >> >> > > > 6 weeks ago METRON-1642: KafkaWriter should be able > > > choose > > > > > the > > > > > > >> topic > > > > > > >> >> > > from a > > > > > > >> >> > > > field in addition to topology construction time > closes > > > > > > >> >> > > > apache/incubator-metron#1082 > > > > > > >> >> > > > 6 weeks ago METRON-1636: Fix broken unit test setup > in > > > > > > >> metron-alerts > > > > > > >> >> > > closes > > > > > > >> >> > > > apache/incubator-metron#1085 > > > > > > >> >> > > > 7 weeks ago METRON-1631 Alerts UI: Dash score does > not > > > show > > > > > if > > > > > > >> only > > > > > > >> >> > > > filtering by one group (sardell via merrimanr) closes > > > > > > >> >> > apache/metron#1079 > > > > > > >> >> > > > 7 weeks ago METRON-1647 Fix logging level score > closes > > > > > > >> >> > > > apache/incubator-metron#1089 > > > > > > >> >> > > > 7 weeks ago METRON-1621: Sorting alerts table by > score > > > > closes > > > > > > >> >> > > > apache/incubator-metron#1088 > > > > > > >> >> > > > 7 weeks ago METRON-1619: Stellar empty collections > > should > > > > be > > > > > > >> >> considered > > > > > > >> >> > > > false in boolean expressions closes > > > > > > apache/incubator-metron#1064 > > > > > > >> >> > > > 7 weeks ago METRON-1646 Sensor Stubs should work when > > > > > > kerberized > > > > > > >> >> > > > (nickwallen) closes apache/metron#1087 > > > > > > >> >> > > > 7 weeks ago METRON-1645: Check wether the Solr > > management > > > > > pack > > > > > > is > > > > > > >> >> > > installed > > > > > > >> >> > > > before configuring the solr principal name. closes > > > > > > >> >> > > > apache/incubator-metron#1086 > > > > > > >> >> > > > 7 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 7 weeks ago METRON-1634 Alerts UI add comment > > > doesn't > > > > > > >> >> immediately > > > > > > >> >> > > show > > > > > > >> >> > > > up. (merrimanr) closes apache/metron#1077 > > > > > > >> >> > > > 7 weeks ago METRON-1489 Retrofit UI tests to run > > reliably > > > > > > during > > > > > > >> >> > nightly > > > > > > >> >> > > QE > > > > > > >> >> > > > runs (sardell via nickwallen) closes > apache/metron#1004 > > > > > > >> >> > > > 7 weeks ago METRON-1637 Wrong path to escalate alert > > REST > > > > > > >> endpoint > > > > > > >> >> > > > (merrimanr) closes apache/metron#1078 > > > > > > >> >> > > > 8 weeks ago METRON-1624 Set Profiler and Enrichment > > batch > > > > > > >> >> parameters in > > > > > > >> >> > > > Ambari (nickwallen) closes apache/metron#1069 > > > > > > >> >> > > > 8 weeks ago Merge remote-tracking branch > > 'origin/master' > > > > into > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 8 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > (nickwallen) closes apache/metron#1075 > > > > > > >> >> > > > 8 weeks ago METRON-1629 Update Solr documentation > > > > (merrimanr > > > > > > via > > > > > > >> >> > > > justinleet) closes apache/metron#1072 > > > > > > >> >> > > > 8 weeks ago METRON-1633 Incorrect instructions when > > > merging > > > > > PR > > > > > > >> into > > > > > > >> >> > > feature > > > > > > >> >> > > > branch (nickwallen) closes apache/metron#1074 > > > > > > >> >> > > > 8 weeks ago METRON-1630 Add threat.triage.score.field > > to > > > > > > READMEs > > > > > > >> >> > > > (merrimanr) closes apache/metron#1073 > > > > > > >> >> > > > 8 weeks ago METRON-1609 Elasticsearch settings in > > Ambari > > > > > should > > > > > > >> not > > > > > > >> >> be > > > > > > >> >> > > > required if Solr is the indexer (nickwallen) closes > > > > > > >> >> apache/metron#1056 > > > > > > >> >> > > > 8 weeks ago METRON-1627 Alerts UI: Metaalert details > > > > missing > > > > > in > > > > > > >> >> details > > > > > > >> >> > > > panel when trying to add alert to existing metaalert > > > > (sardell > > > > > > via > > > > > > >> >> > > > justinleet) closes apache/metron#1070 > > > > > > >> >> > > > 8 weeks ago METRON-1625 Merge master into Solr > feature > > > > branch > > > > > > >> >> > (merrimanr) > > > > > > >> >> > > > closes apache/metron#1067 > > > > > > >> >> > > > 8 weeks ago METRON-1626 Alerts UI: An empty result is > > > > > returned > > > > > > >> when > > > > > > >> >> > > > searching for a single alert contained in a metaalert > > > > > (sardell > > > > > > >> via > > > > > > >> >> > > > nickwallen) closes apache/metron#1068 > > > > > > >> >> > > > 8 weeks ago METRON-1611 Increment master version > number > > > to > > > > > > 0.5.1 > > > > > > >> for > > > > > > >> >> > > > on-going development (justinleet) closes > > > apache/metron#1057 > > > > > > >> >> > > > 8 weeks ago METRON-1622 Allow user to define global > > > > property > > > > > > >> >> > > > 'threat.triage.score.field' in Ambari (nickwallen) > > closes > > > > > > >> >> > > > apache/metron#1066 > > > > > > >> >> > > > 8 weeks ago METRON-1599 Allow user to define global > > > > property > > > > > > >> >> > > > 'source.type.field' in Ambari (nickwallen) closes > > > > > > >> apache/metron#1047 > > > > > > >> >> > > > 8 weeks ago METRON-1616 Changing alert status fails > if > > no > > > > > > >> metaalerts > > > > > > >> >> > have > > > > > > >> >> > > > been created yet (merrimanr) closes > apache/metron#1061 > > > > > > >> >> > > > 8 weeks ago METRON-1573 Enhance KAFKA_* functions to > > > return > > > > > > >> >> partition > > > > > > >> >> > and > > > > > > >> >> > > > offset details (nickwallen) closes apache/metron#1030 > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago METRON-1617: Make threat triage score > > > function > > > > > with > > > > > > >> >> dots as > > > > > > >> >> > > > well as colons closes apache/incubator-metron#1062 > > > > > > >> >> > > > 9 weeks ago METRON-1613 Metaalerts status update > broken > > > in > > > > > > >> Alerts UI > > > > > > >> >> > > > (merrimanr) closes apache/metron#1059 > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago METRON-1588 Migrate storm-kafka-client to > > > 1.2.1 > > > > > > >> closes > > > > > > >> >> > > > apache/incubator-metron#1039 > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago Merge branch > > > 'feature/METRON-1416-upgrade-solr' > > > > > of > > > > > > >> >> > > > https://git-wip-us.apache.org/repos/asf/metron into > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 9 weeks ago METRON-1587 Make collection utility work > > for > > > > HDP > > > > > > >> search > > > > > > >> >> > > > (merrimanr) closes apache/metron#1043 > > > > > > >> >> > > > 9 weeks ago METRON-1612 Fix website download links > > > > > (justinleet) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1058 > > > > > > >> >> > > > 9 weeks ago METRON-1608 Add configuration for > > > > > > threat.triage.field > > > > > > >> >> name > > > > > > >> >> > > > (merrimanr) closes apache/metron#1055 > > > > > > >> >> > > > 10 weeks ago METRON-1585 SolrRetrieveLatestDao does > not > > > use > > > > > the > > > > > > >> >> > > collection > > > > > > >> >> > > > lookup (justinleet via merrimanr) closes > > > apache/metron#1050 > > > > > > >> >> > > > 10 weeks ago METRON-1533 Create KAFKA_FIND Stellar > > > Function > > > > > > >> >> > (nickwallen) > > > > > > >> >> > > > closes apache/metron#1025 > > > > > > >> >> > > > 10 weeks ago METRON-1601: Rename metaalert alert > nested > > > > field > > > > > > to > > > > > > >> >> > > > metron_alert to avoid collision closes > > > > > > >> apache/incubator-metron#1049 > > > > > > >> >> > > > 10 weeks ago METRON-1572 Enhance KAFKA_PUT function > > > > > > (nickwallen) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1024 > > > > > > >> >> > > > 10 weeks ago METRON-1607 update public web site to > > point > > > at > > > > > > 0.5.0 > > > > > > >> >> new > > > > > > >> >> > > > release (justinleet) closes apache/metron#1053 > > > > > > >> >> > > > 10 weeks ago METRON-1568: Stellar should have a _ > > special > > > > > > >> variable > > > > > > >> >> > which > > > > > > >> >> > > > returns the message in map form closes > > > > > > >> apache/incubator-metron#1021 > > > > > > >> >> > > > 2 months ago METRON-1594: KafkaWriter is asynchronous > > and > > > > may > > > > > > >> lose > > > > > > >> >> data > > > > > > >> >> > > on > > > > > > >> >> > > > node failure (mmiklavc via mmiklavc) closes > > > > > apache/metron#1045 > > > > > > >> >> > > > 2 months ago METRON-1603: Fix multivalue field errors > > in > > > > Bro > > > > > > Solr > > > > > > >> >> > schema > > > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > > > >> >> > > > 2 months ago METRON-1584 Indexing Topology Crashes > with > > > > > Invalid > > > > > > >> >> Message > > > > > > >> >> > > > (nickwallen) closes apache/metron#1036 > > > > > > >> >> > > > 2 months ago METRON-1547 Solr Comment Fields > > (justinleet) > > > > > > closes > > > > > > >> >> > > > apache/metron#1037 > > > > > > >> >> > > > 2 months ago METRON-1553 Validate JIRA Script Error > > > > > > (nickwallen) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1013 > > > > > > >> >> > > > 2 months ago METRON-1592 Unable to use third party > > parser > > > > > with > > > > > > >> Storm > > > > > > >> >> > > > versions >= 1.1.0 (nickwallen) closes > > apache/metron#1042 > > > > > > >> >> > > > 2 months ago METRON-1598 NoClassDefFoundError when > > > running > > > > > with > > > > > > >> >> > > > Elasticsearch X-Pack (nickwallen) closes > > > apache/metron#1048 > > > > > > >> >> > > > 2 months ago METRON-1589 '/api/v1/search/search' > fails > > > when > > > > > > 'Solr > > > > > > >> >> > > Zookeeper > > > > > > >> >> > > > Urls' has comma separated multiple zookeeper urls > > > > > (justinleet) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#1040 > > > > > > >> >> > > > 2 months ago METRON-1593 Setting Metron rest > additional > > > > > > classpath > > > > > > >> >> > removes > > > > > > >> >> > > > HBase and Hadoop configs from classpath (merrimanr) > > > closes > > > > > > >> >> > > > apache/metron#1044 > > > > > > >> >> > > > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek to > End > > > > Logic > > > > > > >> >> > > (nickwallen) > > > > > > >> >> > > > closes apache/metron#1023 > > > > > > >> >> > > > 3 months ago METRON-1579: Stellar should return the > > > > > expression > > > > > > >> that > > > > > > >> >> > > failed > > > > > > >> >> > > > in the exception closes apache/incubator-metron#1033 > > > > > > >> >> > > > 3 months ago METRON-1586 Defaulting for the source > type > > > > field > > > > > > in > > > > > > >> >> alerts > > > > > > >> >> > > UI > > > > > > >> >> > > > does not work (merrimanr via justinleet) closes > > > > > > >> apache/metron#1038 > > > > > > >> >> > > > 3 months ago METRON-1569: Allow user to change field > > name > > > > > > >> conversion > > > > > > >> >> > when > > > > > > >> >> > > > indexing to Elasticsearch (nickwallen via mmiklavc) > > > closes > > > > > > >> >> > > > apache/metron#1022 > > > > > > >> >> > > > 3 months ago METRON-1544 Flaky test: > > > > > > >> >> org.apache.metron.stellar.common. > > > > > > >> >> > > > CachingStellarProcessorTest#testCaching (nickwallen) > > > closes > > > > > > >> >> > > > apache/metron#1015 > > > > > > >> >> > > > 3 months ago METRON-1580 Release candidate check > script > > > > > > requires > > > > > > >> Bro > > > > > > >> >> > > Plugin > > > > > > >> >> > > > (nickwallen via ottobackwards) closes > > apache/metron#1034 > > > > > > >> >> > > > 3 months ago METRON-1532 Getting started > documentation > > > > > > >> improvements > > > > > > >> >> > > > (sardell via nickwallen) closes apache/metron#1001 > > > > > > >> >> > > > 3 months ago METRON-1577 Solr searches don't > > include > > > > the > > > > > > >> index > > > > > > >> >> of > > > > > > >> >> > > the > > > > > > >> >> > > > result (merrimanr) closes apache/metron#1031 > > > > > > >> >> > > > 3 months ago METRON-1421 Create a SolrMetaAlertDao > > > > > (justinleet) > > > > > > >> >> closes > > > > > > >> >> > > > apache/metron#970 > > > > > > >> >> > > > 3 months ago Merge branch 'master' into > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 3 months ago METRON-1567 Large error message > can't > > > be > > > > > > >> written > > > > > > >> >> in > > > > > > >> >> > > Solr > > > > > > >> >> > > > (justinleet) closes apache/metron#1020 > > > > > > >> >> > > > 4 months ago METRON-1540 Solr Integration tests > should > > > use > > > > > > actual > > > > > > >> >> > schemas > > > > > > >> >> > > > (justinleet) closes apache/metron#1005 > > > > > > >> >> > > > 4 months ago Merge remote-tracking branch > > 'origin/master' > > > > > into > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 4 months ago METRON-1526 Location field types cause > > > > > > >> DocValuesField > > > > > > >> >> > appear > > > > > > >> >> > > > more than once error (merrimanr via justinleet) > closes > > > > > > >> >> > apache/metron#995 > > > > > > >> >> > > > 4 months ago METRON-1503 Alerts are not getting > > populated > > > > in > > > > > > >> alerts > > > > > > >> >> UI > > > > > > >> >> > > when > > > > > > >> >> > > > search engine is Solr (merrimanr) closes > > > apache/metron#975 > > > > > > >> >> > > > 5 months ago METRON-1424 Kerberos: Solr (merrimanr) > > > closes > > > > > > >> >> > > > apache/metron#960 > > > > > > >> >> > > > 5 months ago METRON-1482 Update REST to work with > Solr > > > > > > >> (merrimanr) > > > > > > >> >> > closes > > > > > > >> >> > > > apache/metron#957 > > > > > > >> >> > > > 5 months ago METRON-1464 Convert schemas to be > > compatible > > > > > with > > > > > > >> Solr > > > > > > >> >> > 5.5.2 > > > > > > >> >> > > > (merrimanr) closes apache/metron#945 > > > > > > >> >> > > > 6 months ago METRON-1423 Ambari work to handle Solr > > > > > > configuration > > > > > > >> >> > > > (merrimanr) closes apache/metron#934 > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 6 months ago METRON-1448: Update SolrWriter to > conform > > to > > > > new > > > > > > >> >> > collection > > > > > > >> >> > > > strategy this closes apache/incubator-metron#929 > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > >> >> > > > 6 months ago METRON-1441: Create complementary Solr > > > schemas > > > > > for > > > > > > >> the > > > > > > >> >> > main > > > > > > >> >> > > > sensors this closes apache/metron#922 > > > > > > >> >> > > > 6 months ago METRON-1436: Manually Install Solr Cloud > > in > > > > Full > > > > > > Dev > > > > > > >> >> > > (mmiklavc > > > > > > >> >> > > > via mmiklavc) closes apache/metron#918 > > > > > > >> >> > > > 7 months ago METRON-1419: Create a SolrDao this > closes > > > > > > >> >> > > > apache/incubator-metron#911 > > > > > > >> >> > > > > > > > > > >> >> > > > > > > > > > >> >> > > > > > > > > > >> >> > > > On Wed, Aug 15, 2018 at 9:48 AM, zeo...@gmail.com < > > > > > > >> zeo...@gmail.com > > > > > > >> >> > > > > > > > >> >> > > > wrote: > > > > > > >> >> > > > > > > > > > >> >> > > > > I agree - I would love to see a release not long > > after > > > > the > > > > > > >> PCAP FB > > > > > > >> >> > gets > > > > > > >> >> > > > > into master, and 0.6.0 makes sense to me. > > > > > > >> >> > > > > > > > > > > >> >> > > > > I'd also like to see a 0.2 release of > > > > > > metron-bro-plugin-kafka. > > > > > > >> >> There > > > > > > >> >> > > is > > > > > > >> >> > > > > one new commit, and I have a PR open which is > waiting > > > on > > > > > some > > > > > > >> >> tests > > > > > > >> >> > > > before > > > > > > >> >> > > > > it's ready to be evaluated/merged. I will try to > get > > > > that > > > > > > work > > > > > > >> >> done > > > > > > >> >> > > > asap. > > > > > > >> >> > > > > As of right now metron's dev ansible scripts pin > to a > > > > > > specific > > > > > > >> >> > release > > > > > > >> >> > > of > > > > > > >> >> > > > > metron-bro-plugin-kafka (0.1 > > > > > > >> >> > > > > <0.1 > > > https://github.com/apache/metron/blob/master/metron- > > > > > > >> >> > > > > deployment/ansible/roles/bro/vars/main.yml>), > > > > > > >> >> > > > > and I'm fine leaving that as is until after the > > coming > > > > > > release, > > > > > > >> >> but > > > > > > >> >> > we > > > > > > >> >> > > > > could also do a metron-bro-plugin-kafka release > first > > > and > > > > > > then > > > > > > >> >> update > > > > > > >> >> > > > > metron to point the dev environment to the new > > package > > > > > prior > > > > > > to > > > > > > >> >> the > > > > > > >> >> > > > > upcoming RC. > > > > > > >> >> > > > > > > > > > > >> >> > > > > I would also like to discuss what the roadmap looks > > > like > > > > > for > > > > > > a > > > > > > >> 1.0 > > > > > > >> >> > > > release > > > > > > >> >> > > > > and perhaps a more regular release schedule. I > have > > > some > > > > > > >> thoughts > > > > > > >> >> > but > > > > > > >> >> > > > > don't want to hijack this thread. > > > > > > >> >> > > > > > > > > > > >> >> > > > > Jon > > > > > > >> >> > > > > > > > > > > >> >> > > > > On Wed, Aug 15, 2018 at 9:11 AM Justin Leet < > > > > > > >> >> justinjl...@gmail.com> > > > > > > >> >> > > > wrote: > > > > > > >> >> > > > > > > > > > > >> >> > > > > > Hi all, > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > It's been a little while since the last release, > > and > > > a > > > > > > couple > > > > > > >> >> major > > > > > > >> >> > > > items > > > > > > >> >> > > > > > have gone in since then (or are hopefully close > to > > > > going > > > > > > >> in!). > > > > > > >> >> In > > > > > > >> >> > > > > > particular, I'd personally like to see a release > > with > > > > our > > > > > > >> Solr > > > > > > >> >> work > > > > > > >> >> > > > > > < > https://issues.apache.org/jira/browse/METRON-1416 > > > > > > > and > > > > > > the > > > > > > >> >> > > > > > close-to-completion PCAP Query Panel > > > > > > >> >> > > > > > < > https://issues.apache.org/jira/browse/METRON-1554 > > >. > > > > > > There > > > > > > >> is > > > > > > >> >> a > > > > > > >> >> > > > thread > > > > > > >> >> > > > > > < > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > > > > > https://lists.apache.org/thread.html/94ebc9be23f6f2ec8c53f8f6b71e97 > > > > > > >> >> > > > > d6919baf415caf534e2b25ba9b@% > 3Cdev.metron.apache.org > > %3E > > > > > > >> >> > > > > > > > > > > > > >> >> > > > > > around what's left before merging the PCAP > feature > > > > > branch, > > > > > > I > > > > > > >> >> > > encourage > > > > > > >> >> > > > > you > > > > > > >> >> > > > > > to take a look. There are also some nice-to-haves > > as > > > > well > > > > > > as > > > > > > >> >> some > > > > > > >> >> > > > Apache > > > > > > >> >> > > > > > cleanup around the RAT tool and typescript files > > > > > > >> >> > > > > > <https://github.com/apache/metron/pull/1126>. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > Version Number > > > > > > >> >> > > > > > I'm proposing bumping to 0.6.0, in particular > > because > > > > of > > > > > > the > > > > > > >> >> Solr > > > > > > >> >> > and > > > > > > >> >> > > > > PCAP > > > > > > >> >> > > > > > efforts. We can adjust that as necessary. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > I'm proposing we release this from the Metron > > master > > > > > > branch, > > > > > > >> >> plus > > > > > > >> >> > any > > > > > > >> >> > > > > > commits the community considers necessary. Note > > that > > > > I'm > > > > > > >> >> proposing > > > > > > >> >> > > > that > > > > > > >> >> > > > > > this release occur after the PCAP feature branch > is > > > > > merged > > > > > > >> into > > > > > > >> >> > > master. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > Proposed Timeframe > > > > > > >> >> > > > > > I would tentatively like to start work on the RC > > > > > Wednesday, > > > > > > >> >> > September > > > > > > >> >> > > > > 5th. > > > > > > >> >> > > > > > It's a little further out than usual, but I > wanted > > to > > > > > kick > > > > > > >> off > > > > > > >> >> the > > > > > > >> >> > > > > > discussion before Labor Day and to give ongoing > > time > > > > to > > > > > > >> settle. > > > > > > >> >> > And > > > > > > >> >> > > > also > > > > > > >> >> > > > > > because I'll be unavailable around Labor Day. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > JIRA Status > > > > > > >> >> > > > > > There are 31 open PRs at > > > > > > >> https://github.com/apache/metron/pulls > > > > > > >> >> . > > > > > > >> >> > We > > > > > > >> >> > > > > should > > > > > > >> >> > > > > > work on getting anything we feel merits inclusion > > > > closed > > > > > > out. > > > > > > >> >> > Please > > > > > > >> >> > > > > > respond with any tickets we'd like included. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > A couple of these are for the PCAP feature > branch, > > > and > > > > > > there > > > > > > >> >> will > > > > > > >> >> > be > > > > > > >> >> > > at > > > > > > >> >> > > > > > least one more for documentation. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > There will be updates necessary to get our Jira > up > > to > > > > > date. > > > > > > >> >> I'll > > > > > > >> >> > > > follow > > > > > > >> >> > > > > up > > > > > > >> >> > > > > > on that, and ask that everyone double check their > > > > > tickets. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > There have been 106 commits since the 0.5.0 > release > > > > > (listed > > > > > > >> at > > > > > > >> >> the > > > > > > >> >> > > end > > > > > > >> >> > > > of > > > > > > >> >> > > > > > message). There will be a few more when we pull > in > > > the > > > > > PCAP > > > > > > >> >> feature > > > > > > >> >> > > > > branch. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > Completed PRs as of Aug 15 as generated by git > log > > > > > > >> --pretty="%cr > > > > > > >> >> > %s" > > > > > > >> >> > > > > > tags/apache-metron-0.5.0-release..HEAD. > > > > > > >> >> > > > > > > > > > > > >> >> > > > > > 5 days ago METRON-1730: Update steps to run > pycapa > > on > > > > > > Centos > > > > > > >> 6 > > > > > > >> >> > > > (mmiklavc > > > > > > >> >> > > > > > via mmiklavc) closes apache/metron#1152 > > > > > > >> >> > > > > > 13 days ago METRON-1701 Update General notes on > the > > > > > > >> >> installation of > > > > > > >> >> > > > > Pycapa > > > > > > >> >> > > > > > on Kerberized cluster (MohanDV via nickwallen) > > closes > > > > > > >> >> > > > apache/metron#1136 > > > > > > >> >> > > > > > 3 weeks ago METRON-1650 Packaging docker > containers > > > are > > > > > too > -- Jon
