Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Michael Miklavcic
I think the suggestion is creative, however I am strongly opposed to 2 mpacks. It has been a fair amount of work through upgrades to maintain the one we have and I think splitting them might make it even worse. I'd much prefer to keep the dep on Kibana as is rather than make a change that doesn't

Re: [GitHub] metron issue #823: METRON-1286 Add MIN & MAX Stellar functions

2017-11-01 Thread Otto Fowler
He needs to add lic. to his files. On November 1, 2017 at 18:08:59, Ryan Merriman (merrim...@gmail.com) wrote: Which 2 files are in /home/travis/build/apache/ metron/metron-stellar/stellar-common/target/rat.txt? Do you get this same error when you run mvn apache-rat:check locally? You will need

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Kyle Richardson
I'll second Otto's suggestion. I like the idea of "splitting" the ES and Kibana components from the pure Metron components. I suppose that would mean having two mpacks to build for a while though. I agree with others that, at least for now, Kibana is an integral part of the Metron user

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Michael Miklavcic
It would not be installed with/by Metron. You'd install and manage Kibana on your own. Some things can be done with the head plugin, but it wouldn't be as pretty. >From the sounds of it the community still uses and wants Kibana, so we'll hold off until the UI can manage more of this

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Laurens Vets
How would I do that without Kibana? Having a SIEM without the ability to see raw processed events (whether they are alerts or not), would be a big issue I think. Or would Kibana always be required, just not installed by Metron? On 2017-11-01 11:34, Michael Miklavcic wrote: You could

Re: [GitHub] metron issue #823: METRON-1286 Add MIN & MAX Stellar functions

2017-11-01 Thread Ryan Merriman
Which 2 files are in /home/travis/build/apache/ metron/metron-stellar/stellar-common/target/rat.txt? Do you get this same error when you run mvn apache-rat:check locally? You will need to either add licenses to those 2 files or add exclusions in /metron/pom.xml if they should in fact be excluded

[GitHub] metron issue #823: METRON-1286 Add MIN & MAX Stellar functions

2017-11-01 Thread jasper-k
Github user jasper-k commented on the issue: https://github.com/apache/metron/pull/823 The Travis build failed with an error relating to licensing and Rat. I don't know how to tackle this problem. The error points to the new files I added in this PR. Locally I could suppress the

[GitHub] metron pull request #824: METRON-1289: Alert fields are lost when a MetaAler...

2017-11-01 Thread merrimanr
GitHub user merrimanr opened a pull request: https://github.com/apache/metron/pull/824 METRON-1289: Alert fields are lost when a MetaAlert is created ## Contributor Comments This PR fixes a bug in the ElasticsearchMetaAlertDao that incorrectly updates the included alerts. To

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Michael Miklavcic
You could absolutely still do it, I'm simply saying it would not be managed by us. On Nov 1, 2017 12:20 PM, "Laurens Vets" wrote: > If there's a viable way of looking at raw processed events (not > necessarily alerts), then I'm all for removeing Kibana. I use Discover a > lot

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Laurens Vets
If there's a viable way of looking at raw processed events (not necessarily alerts), then I'm all for removeing Kibana. I use Discover a lot to filter and look at events and create new policies from that. Is there currently a simple way to do this without Kibana? On 2017-11-01 09:13, Michael

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Otto Fowler
Maybe what we should do is move the ES + Kibana mpack stuff to contrib, and change the main mpack to support either the contrib install -or- an existing or non-ambari managed install? Down the road. On November 1, 2017 at 13:44:37, zeo...@gmail.com (zeo...@gmail.com) wrote: I'm probably okay

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread zeo...@gmail.com
I'm probably okay with marking it as deprecated in two releases (after moving to 5.x, thus not really helping with the migration), but it depends a lot on increased functionality for the metron alerts UI IMO. Jon On Wed, Nov 1, 2017 at 12:51 PM Otto Fowler wrote: > I

Re: [DISCUSS] - Remove Kibana

2017-11-01 Thread Otto Fowler
I don’t think we should remove it until there is a viable alternative for the capabilities we rely on it for. Also, the ‘story’ around metron integration with kibana needs to be solid and well supported at that time. On November 1, 2017 at 12:13:18, Michael Miklavcic (

Re: [DISCUSS] Using Yarn package manager for metron-alerts

2017-11-01 Thread Nick Allen
I'm still all for it. It is a backwards compatible change and would have significant benefits. I think it is just a matter of someone getting cycles to do it. On Mon, Oct 30, 2017 at 3:00 PM Michael Miklavcic < michael.miklav...@gmail.com> wrote: > Would love to revive this - I think this

[GitHub] metron pull request #823: METRON-1286 Add MIN & MAX Stellar functions

2017-11-01 Thread jasper-k
GitHub user jasper-k opened a pull request: https://github.com/apache/metron/pull/823 METRON-1286 Add MIN & MAX Stellar functions ## Contributor Comments Currently Stellar lacks straightforward MAX & MIN functions that take just a list of values as input. The functions