Re: [DISCUSS] Pcap panel architecture

2018-05-10 Thread zeo...@gmail.com
At the very least there needs to be the ability to share downloaded PCAPs with other users and/or have roles that can see all pcaps. A platform engineer may want to clean up old pcaps after x time, or a manger may ask an analyst to find all of the traffic that exhibits xyz behavior, dump a pcap,

Re: [DISCUSS] Release Manager

2018-05-10 Thread Matt Foley
Guys, heartfelt thanks for the appreciation. I'm really sorry I can't keep doing it, currently buried by unrelated work. Thanks, --Matt ´╗┐On 5/10/18, 10:34 AM, "Nick Allen" wrote: +1 to Justin And many thanks to Matt and all his hard work. On Thu, May

Re: [DISCUSS] Release Manager

2018-05-10 Thread Nick Allen
+1 to Justin And many thanks to Matt and all his hard work. On Thu, May 10, 2018 at 12:13 PM, Ryan Merriman wrote: > Yes +1 to Justin being RM. Thank you for taking that on. > > On Thu, May 10, 2018 at 11:08 AM, Casey Stella wrote: > > > I'm +1 to

Re: [DISCUSS] Release Manager

2018-05-10 Thread Ryan Merriman
Yes +1 to Justin being RM. Thank you for taking that on. On Thu, May 10, 2018 at 11:08 AM, Casey Stella wrote: > I'm +1 to Justin being RM; he's going to have big shoes to fill with Matt > gone. ;) Also, if it wasn't obvious, deep and hearty thanks to Matt again > for being

Re: [DISCUSS] Release Manager

2018-05-10 Thread Casey Stella
I'm +1 to Justin being RM; he's going to have big shoes to fill with Matt gone. ;) Also, if it wasn't obvious, deep and hearty thanks to Matt again for being our RM. On Thu, May 10, 2018 at 12:06 PM Ryan Merriman wrote: > Thanks for all your help Matt. > > On Thu, May 10,

Re: [DISCUSS] Release Manager

2018-05-10 Thread Ryan Merriman
Thanks for all your help Matt. On Thu, May 10, 2018 at 10:53 AM, Michael Miklavcic < michael.miklav...@gmail.com> wrote: > Thanks Matt for doing this for the community. > > Justin Leet as new lord commander of the Night's Watch? Aye, dilly, dilly. > > On Thu, May 10, 2018 at 9:07 AM, Justin Leet

Re: [DISCUSS] Release Manager

2018-05-10 Thread Michael Miklavcic
Thanks Matt for doing this for the community. Justin Leet as new lord commander of the Night's Watch? Aye, dilly, dilly. On Thu, May 10, 2018 at 9:07 AM, Justin Leet wrote: > I'd be happy to to volunteer to take over for a while. > > Thanks to Matt for all the help

Re: [DISCUSS] Release Manager

2018-05-10 Thread Justin Leet
I'd be happy to to volunteer to take over for a while. Thanks to Matt for all the help through the last couple releases! Justin On Thu, May 10, 2018 at 11:06 AM, Casey Stella wrote: > Hi All, > > Matt Foley, our esteemed Release manager for the last couple releases, has >

[DISCUSS] Release Manager

2018-05-10 Thread Casey Stella
Hi All, Matt Foley, our esteemed Release manager for the last couple releases, has asked to be relieved. So, I'm calling on volunteers for the next release manager. It should be a committer and there are a few things that require a PMC member, I believe, but the release manager can ask for help

Re: [DISCUSS] Pcap panel architecture

2018-05-10 Thread Ryan Merriman
Mike, I believe the /pcapGetter/getPcapsByIdentifiers endpoint exposes the fixed query option which we have covered. I agree with you that deprecating the metron-api module should be a goal of this feature. On Wed, May 9, 2018 at 1:36 PM, Michael Miklavcic < michael.miklav...@gmail.com> wrote:

Re: [DISCUSS] Pcap panel architecture

2018-05-10 Thread Ryan Merriman
Security is another important topic related to our pcap architecture. This may spill over into a more general, system-wide discussion and we can start a separate thread for that if necessary. I'm assuming we want to manage pcap queries by user. One important question is which user do we use to

Re: [DISCUSS] Release?

2018-05-10 Thread Michael Miklavcic
If we're going to put Solr in the next release I think the index name change can wait for that release as well. On Thu, May 10, 2018 at 7:09 AM, Nick Allen wrote: > > I tend to like grouping the es changes into one release (i.e. include > the index > name change) and solr

Re: [DISCUSS] Release?

2018-05-10 Thread Nick Allen
> I tend to like grouping the es changes into one release (i.e. include the > index name change) and solr into another (next release). Is anyone willing to volunteer to do the work for the index name change? If there are no takers, I think we need to move on and cut a release. On Thu, May

Re: [DISCUSS] Release?

2018-05-10 Thread zeo...@gmail.com
I tend to like grouping the es changes into one release (i.e. include the index name change) and solr into another (next release). I think we go too long between releases myself and wouldn't be against doing two releases just a couple of months apart. Jon On Wed, May 9, 2018, 14:47 Michael