Re: who is having problems installing?
Yes, like me I am planning to install Metron and would like to join the meeting to know what would be the possible issues that I will face and how to solve them *Thank you!* *Caryll* On Wed, Oct 4, 2017 at 9:02 AM, Otto Fowlerwrote: > Did you mean to send this to users too? > > > > On October 3, 2017 at 19:12:10, James Sirota (jsir...@apache.org) wrote: > > Hi Guys, > > How many people do we have with questions about installing Metron? I can > take some time later in the week to schedule a meeting and get everyone > unstuck > > --- > Thank you, > > James Sirota > PMC- Apache Metron > jsirota AT apache DOT org > -- CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. There is no warranty that this email is error, virus or defect free. If this is a private communication it does not represent the views of Pointwest Technologies Corporation or their related entities.
Re: [DISCUSS] Community meeting on Tuesday, Sept.23 10AM PST
I am having to request access, not sure if this is what you meant to do. On October 3, 2017 at 18:56:29, James Sirota (jsir...@apache.org) wrote: Link to the recording. You need a WebEx player to view it https://drive.google.com/open?id=0B3a8U3GCzkKNZHR2LUZNcmljcTQ 26.09.2017, 09:20, "Laurens Vets": > 11:30 won't work for me, but that's fine. I only had 1 comment on Otto's > video: What happens when we have 2 parsers/sensors with the same name. > If there's ever a parser/sensor repository, this might be an issue. > > On 2017-09-25 17:38, Otto Fowler wrote: >> 11:30 your time. Sorry I have to pick my kids up from school. 2:30 >> mine. >> >> On September 25, 2017 at 19:41:28, James Sirota (jsir...@apache.org) >> wrote: >> >> Oh sorry, didn't notice that. Otto, when is a good time for you? >> >> 25.09.2017, 16:35, "zeo...@gmail.com" : >>> When is the meeting, given Otto mentioned he can't make 10am? Or did >>> that >>> change >>> >>> Jon >>> >>> On Mon, Sep 25, 2017, 19:19 James Sirota wrote: >>> Great. Thank you, Otto. I would encourage everyone to watch it so that >> we have constructive feedback for tomorrow and are able to arrive to a >> decision Thanks, James 25.09.2017, 08:27, "Otto Fowler" : > https://youtu.be/-ISycoP3TVA > > The video is short and simple. Hopefully it is what you are looking >> for. > > On September 21, 2017 at 16:54:13, zeo...@gmail.com (zeo...@gmail.com) >> > wrote: > > I won't be able to make it and would really like to make sure there's >> a > recording for this one, if possible. I'm unavailable until Thursday >> of > next week, but not necessarily suggesting this gets moved. > > Jon > > On Thu, Sep 21, 2017, 15:04 Otto Fowler >> wrote: > >> I can’t make that time, can we make it later in the day? >> >> On September 21, 2017 at 11:40:37, James Sirota (jsir...@apache.org) >> wrote: >> >> https://hortonworks.webex.com/meet/jsirota > -- > > Jon --- Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org >>> -- >>> >>> Jon >> >> --- >> Thank you, >> >> James Sirota >> PPMC- Apache Metron (Incubating) >> jsirota AT apache DOT org --- Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org
Re: who is having problems installing?
Can those who are planning to install Metron join the meeting? *Thank you!* *Caryll* On Wed, Oct 4, 2017 at 7:11 AM, James Sirotawrote: > Hi Guys, > > How many people do we have with questions about installing Metron? I can > take some time later in the week to schedule a meeting and get everyone > unstuck > > --- > Thank you, > > James Sirota > PMC- Apache Metron > jsirota AT apache DOT org > -- CONFIDENTIALITY NOTICE: This email may contain confidential and privileged material for the sole use of the intended recipient(s). Any review, use, distribution or disclosure by others is strictly prohibited. If you have received this communication in error, please notify the sender immediately by e-mail and delete the message and any file attachments from your computer. There is no warranty that this email is error, virus or defect free. If this is a private communication it does not represent the views of Pointwest Technologies Corporation or their related entities.
who is having problems installing?
Hi Guys, How many people do we have with questions about installing Metron? I can take some time later in the week to schedule a meeting and get everyone unstuck --- Thank you, James Sirota PMC- Apache Metron jsirota AT apache DOT org
Re: [DISCUSS] Community meeting on Tuesday, Sept.23 10AM PST
Link to the recording. You need a WebEx player to view it https://drive.google.com/open?id=0B3a8U3GCzkKNZHR2LUZNcmljcTQ 26.09.2017, 09:20, "Laurens Vets": > 11:30 won't work for me, but that's fine. I only had 1 comment on Otto's > video: What happens when we have 2 parsers/sensors with the same name. > If there's ever a parser/sensor repository, this might be an issue. > > On 2017-09-25 17:38, Otto Fowler wrote: >> 11:30 your time. Sorry I have to pick my kids up from school. 2:30 >> mine. >> >> On September 25, 2017 at 19:41:28, James Sirota (jsir...@apache.org) >> wrote: >> >> Oh sorry, didn't notice that. Otto, when is a good time for you? >> >> 25.09.2017, 16:35, "zeo...@gmail.com" : >>> When is the meeting, given Otto mentioned he can't make 10am? Or did >>> that >>> change >>> >>> Jon >>> >>> On Mon, Sep 25, 2017, 19:19 James Sirota wrote: >>> Great. Thank you, Otto. I would encourage everyone to watch it so that >> we have constructive feedback for tomorrow and are able to arrive to a >> decision Thanks, James 25.09.2017, 08:27, "Otto Fowler" : > https://youtu.be/-ISycoP3TVA > > The video is short and simple. Hopefully it is what you are looking >> for. > > On September 21, 2017 at 16:54:13, zeo...@gmail.com (zeo...@gmail.com) >> > wrote: > > I won't be able to make it and would really like to make sure there's >> a > recording for this one, if possible. I'm unavailable until Thursday >> of > next week, but not necessarily suggesting this gets moved. > > Jon > > On Thu, Sep 21, 2017, 15:04 Otto Fowler >> wrote: > >> I can’t make that time, can we make it later in the day? >> >> On September 21, 2017 at 11:40:37, James Sirota (jsir...@apache.org) >> wrote: >> >> https://hortonworks.webex.com/meet/jsirota > -- > > Jon --- Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org >>> -- >>> >>> Jon >> >> --- >> Thank you, >> >> James Sirota >> PPMC- Apache Metron (Incubating) >> jsirota AT apache DOT org --- Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org
[GitHub] metron issue #779: METRON-1218: Metron REST should return better error messa...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/779 +1 ---
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user ottobackwards commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142513786 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- It is not in logs that is the problem, it is if it is in the UI. I think that it would apply to rest too... but I am not sure on that ---
[GitHub] metron issue #782: METRON-1222 fix warning for The expression ${parent.versi...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/782 +1 ---
[GitHub] metron issue #782: METRON-1222 fix warning for The expression ${parent.versi...
Github user dbist commented on the issue: https://github.com/apache/metron/pull/782 @mmiklavc @ottobackwards updated the title, thank you. ---
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user ottobackwards commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142478606 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- https://www.owasp.org/index.php/Error_Handling#Vulnerable_Patterns_for_Error_Handling ---
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user ottobackwards commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142477613 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- https://software-security.sans.org/blog/2010/08/11/security-misconfigurations-java-webxml-files ---
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user cestella commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142471360 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- I think I can live with just the root cause, but I'd like to know how exposing the stack trace is a security issue first. Can you clarify the reasoning behind it, @ottobackwards ? It's not that I disbelieve you, but I'd like to better understand because we currently have stack traces in logs all over the place. ---
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user merrimanr commented on the issue: https://github.com/apache/metron/pull/768 I spun this up in full dev and it's working pretty well. The only functional issue I could find was that the bulk actions are disabled when alerts are selected in group/tree view. This is likely due to the fact that tree view inherits from list view and selectedAlerts are part of list view. Other than that I think this is pretty close. We should add an e2e test for bulk actions in tree view (would have caught the issue above). Also is there a test for group reordering (drag and drop)? ---
[GitHub] metron pull request #768: Metron 1123: Add group by option using faceted sea...
Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/768#discussion_r142454390 --- Diff: metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/metaalert/MetaAlertCreateResponse.java --- @@ -28,4 +28,4 @@ public boolean isCreated() { public void setCreated(boolean created) { this.created = created; } -} +} --- End diff -- Was this intentional? ---
[GitHub] metron pull request #768: Metron 1123: Add group by option using faceted sea...
Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/768#discussion_r142454353 --- Diff: metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/MetaAlertStatus.java --- @@ -31,4 +31,4 @@ public String getStatusString() { return statusString; } -} +} --- End diff -- Was this intentional? ---
Re: Error message when changing riskLevelRules
Sure, I understand. I just did that so others have an example to work with for future reference. On Tue, Oct 3, 2017 at 11:49 AM, Laurens Vetswrote: > Thanks Nick! I'm still on 0.4.1-release, so I haven't had a chance to play > with your additional THREAT_TRIAGE_* things. > > > On 2017-10-03 08:40, Nick Allen wrote: > >> Laurens - >> >> The problem is that we expect a Stellar expression for the "reason" field. >> What you are providing is a string that is not a valid Stellar expression. >> For it to be a valid expression you need to add another set of quotes to >> make it a Stellar string; " 'No MFA used.' ". >> >> I definitely see how this can be confusing. Here is a REPL session of me >> working through the problem. I can see that there is clearly a problem >> using the REPL. >> >> (1) Create the rule set that you mentioned in your email. >> >> [Stellar]>>> input := SHELL_EDIT(input) >> >> [Stellar]>>> input >> >> [ >> >> { >> >> "name": "Not WORK", >> >> "comment": "Checks whether the field is_work is true or >> false.", >> >> "rule": "is_work == false", >> >> "score": 20, >> >> "reason": "FORMAT('%s is not a WORK network!', >> sourceIPAddress)" >> >> }, >> >> { >> >> "name": "MFA", >> >> "comment": "Checks whether MFA used or not.", >> >> "rule": >> "userIdentity:sessionContext:attributes:mfaAuthenticated == \"False\"", >> >> "score": 20, >> >> "reason": "No MFA used." >> >> }, >> >> { >> >> "name": "MFA2", >> >> "comment": "Checks whether MFA used or not.", >> >> "rule": "additionalEventData:MFAUsed == \"No\"", >> >> "score": 20, >> >> "reason": "No MFA used." >> >> } >> >> ] >> >> [Stellar]>>> rules := TO_JSON_LIST(input) >> >> >> (2) Initialize the threat triage engine and add the rules. >> >> >> [Stellar]>>> t := THREAT_TRIAGE_INIT() >> >> [Stellar]>>> THREAT_TRIAGE_ADD(t, rules) >> >> [!] Unable to parse No MFA used.: Unable to parse: No MFA used. due to: >> org.apache.metron.stellar.dsl.ParseException: Syntax error @ 1:3 no >> viable >> alternative at input 'NoMFA' >> >> org.apache.metron.stellar.dsl.ParseException: Unable to parse No MFA >> used.: >> Unable to parse: No MFA used. due to: >> org.apache.metron.stellar.dsl.ParseException: Syntax error @ 1:3 no >> viable >> alternative at input 'NoMFA' >> >> at >> org.apache.metron.stellar.common.BaseStellarProcessor.valida >> te(BaseStellarProcessor.java:240) >> >> at >> org.apache.metron.stellar.common.BaseStellarProcessor.valida >> te(BaseStellarProcessor.java:199) >> >> at >> org.apache.metron.common.configuration.enrichment.threatinte >> l.ThreatTriageConfig.setRiskLevelRules(ThreatTriageConfig.java:63) >> >> at >> org.apache.metron.management.ThreatTriageFunctions$AddStella >> rTransformation.apply(ThreatTriageFunctions.java:346) >> >> at >> org.apache.metron.stellar.common.StellarCompiler.lambda$exit >> TransformationFunc$13(StellarCompiler.java:570) >> >> at >> org.apache.metron.stellar.common.StellarCompiler$Expression. >> apply(StellarCompiler.java:169) >> >> at >> org.apache.metron.stellar.common.BaseStellarProcessor.parse( >> BaseStellarProcessor.java:152) >> >> at >> org.apache.metron.stellar.common.shell.StellarExecutor.execu >> te(StellarExecutor.java:292) >> >> at >> org.apache.metron.stellar.common.shell.StellarShell.handleSt >> ellar(StellarShell.java:277) >> >> at >> org.apache.metron.stellar.common.shell.StellarShell.execute( >> StellarShell.java:509) >> >> at org.jboss.aesh.console.AeshProcess.run(AeshProcess.java:53) >> >> at >> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPool >> Executor.java:1142) >> >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoo >> lExecutor.java:617) >> >> at java.lang.Thread.run(Thread.java:745) >> >> Caused by: org.apache.metron.stellar.dsl.ParseException: Unable to parse: >> No MFA used. due to: org.apache.metron.stellar.dsl.ParseException: Syntax >> error @ 1:3 no viable ... >> >> >> (3) Clearly there is a problem. I then edited the input to add the quotes >> as I suggested. >> >> >> [Stellar]>>> input := SHELL_EDIT(input) >> >> [Stellar]>>> input >> >> [ >> >> { >> >> "name": "Not WORK", >> >> "comment": "Checks whether the field is_work is true or >> false.", >> >> "rule": "is_work == false", >> >> "score": 20, >> >> "reason": "FORMAT('%s is not a WORK network!', >> sourceIPAddress)" >> >> }, >> >> { >> >> "name": "MFA", >> >> "comment": "Checks whether MFA used or not.", >> >> "rule": >> "userIdentity:sessionContext:attributes:mfaAuthenticated == \"False\"", >> >> "score": 20, >> >>
[GitHub] metron issue #737: METRON-1161: Add ability to edit parser command line opti...
Github user merrimanr commented on the issue: https://github.com/apache/metron/pull/737 Ok I reverted the SensorParserConfig class so that defaults are not provided for numWorkers and numAckers. I also added help text to make it clear to the user what happens when these are not set. Let me know how this looks. ---
Re: Error message when changing riskLevelRules
Laurens - The problem is that we expect a Stellar expression for the "reason" field. What you are providing is a string that is not a valid Stellar expression. For it to be a valid expression you need to add another set of quotes to make it a Stellar string; " 'No MFA used.' ". I definitely see how this can be confusing. Here is a REPL session of me working through the problem. I can see that there is clearly a problem using the REPL. (1) Create the rule set that you mentioned in your email. [Stellar]>>> input := SHELL_EDIT(input) [Stellar]>>> input [ { "name": "Not WORK", "comment": "Checks whether the field is_work is true or false.", "rule": "is_work == false", "score": 20, "reason": "FORMAT('%s is not a WORK network!', sourceIPAddress)" }, { "name": "MFA", "comment": "Checks whether MFA used or not.", "rule": "userIdentity:sessionContext:attributes:mfaAuthenticated == \"False\"", "score": 20, "reason": "No MFA used." }, { "name": "MFA2", "comment": "Checks whether MFA used or not.", "rule": "additionalEventData:MFAUsed == \"No\"", "score": 20, "reason": "No MFA used." } ] [Stellar]>>> rules := TO_JSON_LIST(input) (2) Initialize the threat triage engine and add the rules. [Stellar]>>> t := THREAT_TRIAGE_INIT() [Stellar]>>> THREAT_TRIAGE_ADD(t, rules) [!] Unable to parse No MFA used.: Unable to parse: No MFA used. due to: org.apache.metron.stellar.dsl.ParseException: Syntax error @ 1:3 no viable alternative at input 'NoMFA' org.apache.metron.stellar.dsl.ParseException: Unable to parse No MFA used.: Unable to parse: No MFA used. due to: org.apache.metron.stellar.dsl.ParseException: Syntax error @ 1:3 no viable alternative at input 'NoMFA' at org.apache.metron.stellar.common.BaseStellarProcessor.validate(BaseStellarProcessor.java:240) at org.apache.metron.stellar.common.BaseStellarProcessor.validate(BaseStellarProcessor.java:199) at org.apache.metron.common.configuration.enrichment.threatintel.ThreatTriageConfig.setRiskLevelRules(ThreatTriageConfig.java:63) at org.apache.metron.management.ThreatTriageFunctions$AddStellarTransformation.apply(ThreatTriageFunctions.java:346) at org.apache.metron.stellar.common.StellarCompiler.lambda$exitTransformationFunc$13(StellarCompiler.java:570) at org.apache.metron.stellar.common.StellarCompiler$Expression.apply(StellarCompiler.java:169) at org.apache.metron.stellar.common.BaseStellarProcessor.parse(BaseStellarProcessor.java:152) at org.apache.metron.stellar.common.shell.StellarExecutor.execute(StellarExecutor.java:292) at org.apache.metron.stellar.common.shell.StellarShell.handleStellar(StellarShell.java:277) at org.apache.metron.stellar.common.shell.StellarShell.execute(StellarShell.java:509) at org.jboss.aesh.console.AeshProcess.run(AeshProcess.java:53) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) at java.lang.Thread.run(Thread.java:745) Caused by: org.apache.metron.stellar.dsl.ParseException: Unable to parse: No MFA used. due to: org.apache.metron.stellar.dsl.ParseException: Syntax error @ 1:3 no viable ... (3) Clearly there is a problem. I then edited the input to add the quotes as I suggested. [Stellar]>>> input := SHELL_EDIT(input) [Stellar]>>> input [ { "name": "Not WORK", "comment": "Checks whether the field is_work is true or false.", "rule": "is_work == false", "score": 20, "reason": "FORMAT('%s is not a WORK network!', sourceIPAddress)" }, { "name": "MFA", "comment": "Checks whether MFA used or not.", "rule": "userIdentity:sessionContext:attributes:mfaAuthenticated == \"False\"", "score": 20, "reason": "'No MFA used.'" }, { "name": "MFA2", "comment": "Checks whether MFA used or not.", "rule": "additionalEventData:MFAUsed == \"No\"", "score": 20, "reason": "'No MFA used.'" } ] [Stellar]>>> rules := TO_JSON_LIST(input) (4) Again, i nitialize the threat triage engine and add the rules. [Stellar]>>> t := THREAT_TRIAGE_INIT() [Stellar]>>> THREAT_TRIAGE_ADD(t, rules) { "enrichment" : { "fieldMap" : { }, "fieldToTypeMap" : { }, "config" : { } }, "threatIntel" : { "fieldMap" : { }, "fieldToTypeMap" : { }, "config" : { }, "triageConfig" : { "riskLevelRules" : [ { "name" : "Not WORK", "comment" : "Checks whether the
FW: Change to Indexing section of Admin Guide
Sorry, please disregard this email. Sent to wrong email alias. Rita Rita McKissick ! Sr. Technical Writer rmckiss...@hortonworks.com (mobile) 831-234-3676 On 10/3/17, 6:53 AM, "Rita McKissick"wrote: >Hi everyone, > >Jasper requested that I copy the section on tuning HDFS to the section on >Indexing. So, I’ve added this section to the Indexing section on the Admin >Guide: >http://dev.hortonworks.com.s3.amazonaws.com/HDPDocuments/HCP1/HCP-1-trunk/bk_administration/content/configuring_indexing.html > >Let me know if you have any suggestions or feedback on this change. > >Thanks, > >Rita > >Rita McKissick ! Sr. Technical Writer >rmckiss...@hortonworks.com >(mobile) 831-234-3676 > >
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/768 What does the ungroup button **do** when you hit it and it is still in table view? ---
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142419159 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- My vote would be root cause in the REST response, full stack trace in the logs. I would also vote to skip the separate profile for stack trace. Turning that on and restarting REST would be more effort than just looking at the log. Doubt anyone would use it. I think this is a minor issue. I would be good with either. ---
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/768 It looks like it is working now. Maybe this error was an artifact or manifestation of the dependency issues that 'resolved' themselves. I'll get going ---
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/768 I am going to try again ---
[GitHub] metron issue #737: METRON-1161: Add ability to edit parser command line opti...
Github user cestella commented on the issue: https://github.com/apache/metron/pull/737 Wait, I'm confused, the current behavior is to default to the storm config. Why did you pull that into the SensorParserConfig? The issue with what you've done here is that when you save out the configs into zookeeper, you are serializing the object with the values set (including those defaults). Now, if someone restarts the topology, those are the values set regardless of what is set in the storm config. Can we please just solve this by some hover-over text indicating if the field is not set, then the storm defaults are used? Maybe even indicating what the default currently is. I'd have honestly made those values Optional if I could've (serialization issues caused that not to be the case). I guess what I'm saying is that, no, I don't like this approach. :) ---
Change to Indexing section of Admin Guide
Hi everyone, Jasper requested that I copy the section on tuning HDFS to the section on Indexing. So, I’ve added this section to the Indexing section on the Admin Guide: http://dev.hortonworks.com.s3.amazonaws.com/HDPDocuments/HCP1/HCP-1-trunk/bk_administration/content/configuring_indexing.html Let me know if you have any suggestions or feedback on this change. Thanks, Rita Rita McKissick ! Sr. Technical Writer rmckiss...@hortonworks.com (mobile) 831-234-3676
[GitHub] metron pull request #779: METRON-1218: Metron REST should return better erro...
Github user cestella commented on a diff in the pull request: https://github.com/apache/metron/pull/779#discussion_r142407343 --- Diff: metron-interface/metron-rest/src/main/java/org/apache/metron/rest/controller/RestExceptionHandler.java --- @@ -35,7 +36,7 @@ @ResponseBody ResponseEntity handleControllerException(HttpServletRequest request, Throwable ex) { HttpStatus status = getStatus(request); -return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), getFullMessage(ex)), status); +return new ResponseEntity<>(new RestError(status.value(), ex.getMessage(), ExceptionUtils.getStackTrace(ex)), status); --- End diff -- Well, the stack trace is generally more helpful in debugging than just the root cause, so yeah, I kinda wanted the stack trace along with the root cause. I'm willing to be argued with, but as a dev, I'd like to know line numbers of failures along with why. ---
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/768 I run this standard [checkout-pr](https://github.com/ottobackwards/Metron-and-Nifi-Scripts/blob/master/metron/checkout-pr) script, to download in to ~/tmp. cd into the directory created 's metron-deployment/vagrant/full-dev-platform vagrant up ---
[GitHub] metron issue #768: Metron 1123: Add group by option using faceted search cap...
Github user iraghumitra commented on the issue: https://github.com/apache/metron/pull/768 @ottobackwards If you dont mind can you give me exact steps to simulate the installation issue. I seem to miss something here. ---