[ https://issues.apache.org/jira/browse/METRON-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171632#comment-16171632 ]

ASF GitHub Bot commented on METRON-939:
---------------------------------------

GitHub user justinleet commented on the issue:

    https://github.com/apache/metron/pull/619
  
    As a note, this ticket is slightly impacted by the metaalerts backend 
ticket (https://github.com/apache/metron/pull/734).  The alerts field in the 
various templates should be removed and the search queries for meta alerts 
updated according to 
https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-sort.html#_ignoring_unmapped_fields,
 in order to allow for searches against metaalerts without having to have an 
alert field in each template.


> Upgrade ElasticSearch and Kibana
> --------------------------------
>
>                 Key: METRON-939
>                 URL: https://issues.apache.org/jira/browse/METRON-939
>             Project: Metron
>          Issue Type: Improvement
>            Reporter: Jon Zeolla
>
> Upgrade ElasticSearch and Kibana (latest is 5.4 as of writing this).  Among 
> other benefits, this allows us to use periods in field names 
> (https://github.com/elastic/elasticsearch/pull/19937/files), which has been 
> available as of 5.0 and 2.4, and the ability to index an IPv6 address 
> properly 
> (https://www.elastic.co/blog/indexing-ipv6-addresses-in-elasticsearch).



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
