Re: Issues with Quick Dev Installation

Try with "mysql" instead of "mysqld". I am probably remembering the service name incorrectly. On Oct 11, 2016 9:59 PM, "Rita McKissick" wrote: > Hi Nick, > > Aah, I had forgotten about this. Can you tell where I run "service mysqld > status" and "service mysqld >

Re: Issues with Quick Dev Installation

Hi Nick, Aah, I had forgotten about this. Can you tell where I run "service mysqld status" and "service mysqld start” from. I keep getting mysqld: unrecognized service and I’m pretty sure I’m running the command from the wrong location. Thanks, Rita Rita McKissick ! Sr. Technical Writer

Re: Issues with Quick Dev Installation

Ok, I think I have the fix for this. With the new local_action logic, ansible is checking the jar path on the host with sudo but doesn't have the password. Just need to add the line below to the Vagrantfile. ansible.ask_sudo_pass = true I will test tomorrow and, if successful, open a new PR for

Re: Issues with Quick Dev Installation

This error could be related to my PR that was merged today (METRON-492 ). I tested this successfully in a single node vm deployment, but not with vagrant. Perhaps there is something about vagrant that doesn't like the ansible local_action logic?

[GitHub] incubator-metron pull request #276: METRON-363 Fix Cisco ASA Parser

GitHub user kylerichardson reopened a pull request: https://github.com/apache/incubator-metron/pull/276 METRON-363 Fix Cisco ASA Parser I've rewritten the ASA parser which can be extended, as needed, to new ASA message types by editing the bundled asa patterns file and the static

[GitHub] incubator-metron pull request #276: METRON-363 Fix Cisco ASA Parser

Github user kylerichardson closed the pull request at: https://github.com/apache/incubator-metron/pull/276 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if

[GitHub] incubator-metron pull request #303: METRON-424 ability to validate ip addres...

GitHub user ottobackwards reopened a pull request: https://github.com/apache/incubator-metron/pull/303 METRON-424 ability to validate ip addresses against both IPV4 and IPV6 Allow the specification of multiple validation types for IP ` { "fieldValidations" : [

Re: Issues with Quick Dev Installation

To your second point about no data showing up, I have noticed that MySQL is sometimes not started which prevents the enrichment topic from moving data. I have not investigated but it might be due to memory constraints on the virtual node. Check if MySQL is running with "service mysqld status"

Issues with Quick Dev Installation

*** Resending because this message seemed to disappear into the ether and I didn’t receive a copy of it. I’m having difficulties with the latest Quick Development Platform installation. During deployment I received the following error message: -- TASK

Issues with Quick Dev installation

I’m having difficulties with the latest Quick-Dev installation. During deployment I received the following error message: -- TASK [metron_common : Check for Metron jar path] *** fatal: [node1 -> localhost]: FAILED! => {"changed": false,

[GitHub] incubator-metron issue #276: METRON-363 Fix Cisco ASA Parser

Github user kylerichardson commented on the issue: https://github.com/apache/incubator-metron/pull/276 Not entirely sure why the CI build failed. The error was: ``` testExample1(org.apache.metron.profiler.integration.ProfilerIntegrationTest) Time elapsed: 35.546 sec

[GitHub] incubator-metron issue #304: METRON-496: Field transformations are applied a...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/304 I'd prefer to keep the functionality for the CSVParser the way it is in this JIRA. I just wanted to make it so that the CSVParser's `parse` method wouldn't actively stomp on the data

Re: [DISCUSS] Upgrading to Storm 1.0.x

I think this would be good (+1 for me), but we should be quite careful that the testing for this PR is...exhaustive as it'll touch so much. At the very least, we'll need to ensure that: - Ansible full-dev and quick-dev continue to work - Ambari install continues to function - Data flows

[GitHub] incubator-metron issue #304: METRON-496: Field transformations are applied a...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/304 Haha, definitely @ottobackwards comment! Thanks for the feedback. :) * I found a potential situation with the CSVParser wrt timestamps that would prevent users from retaining the

Re: [GitHub] incubator-metron pull request #304: METRON-496: Field transformations are ap...

Have we considered having precondition validation and postcondition validation. Preconditions could check that the fields are in good condition to be transformed. Postconditions could find errors in events after field transformations. Thanks Carolyn On 10/11/16, 1:52 PM, "cestella"

[GitHub] incubator-metron issue #304: METRON-496: Field transformations are applied a...

Github user ottobackwards commented on the issue: https://github.com/apache/incubator-metron/pull/304 two things, if I may comment * did you mean to bring in the CSV parser change? * isn't the benefit of this that you can _remove_ the timestamp injection from the generic

[GitHub] incubator-metron pull request #303: METRON-424 ability to validate ip addres...

GitHub user ottobackwards reopened a pull request: https://github.com/apache/incubator-metron/pull/303 METRON-424 ability to validate ip addresses against both IPV4 and IPV6 Allow the specification of multiple validation types for IP ` { "fieldValidations" : [

[GitHub] incubator-metron pull request #303: METRON-424 ability to validate ip addres...

Github user ottobackwards closed the pull request at: https://github.com/apache/incubator-metron/pull/303 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if

[GitHub] incubator-metron pull request #297: METRON-488: Snort should use a proper CS...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/297 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron issue #303: METRON-424 ability to validate ip addresses aga...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/303 So, the problem with the tests is this: ``` test(org.apache.metron.parsers.integration.YafIntegrationTest) Time elapsed: 58.442 sec <<< ERROR! java.lang.RuntimeException: Too

[GitHub] incubator-metron pull request #291: METRON-482 Add logging to GrokParser to ...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/291 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

Re: [DISCUSS] Opinionated Data Flows

oops, typo: A writer should not o̶c̶c̶u̶r̶ *care* in which topology or for what sensor type it is being used. On Tue, Oct 11, 2016 at 1:46 PM, Nick Allen wrote: > >> I disagree with the idea that Metron should not be responsible for >> defining >> data flows and I think

Re: HDFS Compression

The format should be compatible/optimal with spark and Zeppelin. Perhaps other interactive BI tools like Tableau. Thanks Carolyn On 10/11/16, 1:06 PM, "Nick Allen" wrote: >Right. The original idea is to do batch analytics. Kind of difficult to >work with data sitting

[GitHub] incubator-metron issue #303: METRON-424 ability to validate ip addresses aga...

Github user ottobackwards commented on the issue: https://github.com/apache/incubator-metron/pull/303 OK, good then. I don't have to change anything. I have no idea why the travis build is failing - it doesn't look todo with my changes ( btw there are always so many errors it is

Re: HDFS Compression

Right. The original idea is to do batch analytics. Kind of difficult to work with data sitting in an ES index. But if we get a better understanding of the type of batch analytics, it might get us closer to the target. On Tue, Oct 11, 2016 at 1:03 PM, zeo...@gmail.com wrote:

Re: HDFS Compression

I'm somewhat ignorant here, never having used the MaaS stuff yet, but isn't that the dataset that the models would run against? I understand there could be additional use cases, I just wanted to be clear. Jon On Tue, Oct 11, 2016 at 1:01 PM Nick Allen wrote: > I don't

Re: HDFS Compression

I don't think we put much thought into how exactly the data should be landed in HDFS and for what use cases. It just has not been a priority. That being said, this might be a good time to gather everyone's thoughts on how they would use that kind of data and for what purposes. On Tue, Oct 11,

[GitHub] incubator-metron issue #303: METRON-424 ability to validate ip addresses aga...

Github user JonZeolla commented on the issue: https://github.com/apache/incubator-metron/pull/303 I would personally vote for `"type" : ["IPV4","IPV6"]`. I usually push for explicit and obvious so something like `retrieve_json.py | grep IPV4` would work. --- If your project is set

[GitHub] incubator-metron issue #291: METRON-482 Add logging to GrokParser to indicat...

Github user dlyle65535 commented on the issue: https://github.com/apache/incubator-metron/pull/291 Thanks! +1 as well. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled

[GitHub] incubator-metron issue #291: METRON-482 Add logging to GrokParser to indicat...

Github user mmiklavc commented on the issue: https://github.com/apache/incubator-metron/pull/291 +1 by inspection with @justinleet's confirmation of quick dev testing --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If

[GitHub] incubator-metron issue #297: METRON-488: Snort should use a proper CSV imple...

Github user mmiklavc commented on the issue: https://github.com/apache/incubator-metron/pull/297 +1 by inspection --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and

[GitHub] incubator-metron issue #188: METRON-227 (Time based flushing)

Github user mmiklavc commented on the issue: https://github.com/apache/incubator-metron/pull/188 Any new comments or actions for this PR? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this

[GitHub] incubator-metron pull request #303: METRON-424 ability to validate ip addres...

GitHub user ottobackwards opened a pull request: https://github.com/apache/incubator-metron/pull/303 METRON-424 ability to validate ip addresses against both IPV4 and IPV6 Allow the specification of multiple validation types for IP ` { "fieldValidations" : [

[GitHub] incubator-metron pull request #296: METRON-439: Stellar : IS_EMPTY(host) thr...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/296 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron pull request #295: METRON-371: Changing logging level to IN...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/295 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron pull request #290: METRON-421 Make Stellar Profiler Client ...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/290 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron pull request #298: METRON-432: Fix pcap field resolver to r...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/298 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] incubator-metron issue #298: METRON-432: Fix pcap field resolver to return o...

Github user mmiklavc commented on the issue: https://github.com/apache/incubator-metron/pull/298 FYI, verified this properly queries and filters based on numeric types in quick-dev --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub

Re: [DISCUSS] Upgrading to Storm 1.0.x

Storm 1.0 will allow config of kafka with SSL. Should I comment on METRON-495 or maybe it is better as a separate lira? Thanks Carolyn On 10/11/16, 10:07 AM, "David Lyle" wrote: >I'm +1 on this. > >On Tue, Oct 11, 2016 at 9:54 AM, Justin Leet

[GitHub] incubator-metron pull request #302: METRON-492 Run metron_common build check...

Github user asfgit closed the pull request at: https://github.com/apache/incubator-metron/pull/302 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

Re: [DISCUSS] Upgrading to Storm 1.0.x

I'm +1 on this. On Tue, Oct 11, 2016 at 9:54 AM, Justin Leet wrote: > Hi all, > > I wanted to start a thread around upgrading our Storm version from 0.10.x > to 1.0.x. I created a Jira at > https://issues.apache.org/jira/browse/METRON-495 to mirror this discussion > and

[GitHub] incubator-metron issue #293: METRON-473 Add LENGTH() To Stellar

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/293 +1 by inspection. Great work, otto. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this

[GitHub] incubator-metron issue #291: METRON-482 Add logging to GrokParser to indicat...

Github user dlyle65535 commented on the issue: https://github.com/apache/incubator-metron/pull/291 @justinleet - did you run this up in Vagrant or elsewhere? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your

[GitHub] incubator-metron issue #298: METRON-432: Fix pcap field resolver to return o...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/298 +1 by inspection --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and

[DISCUSS] Upgrading to Storm 1.0.x

Hi all, I wanted to start a thread around upgrading our Storm version from 0.10.x to 1.0.x. I created a Jira at https://issues.apache.org/jira/browse/METRON-495 to mirror this discussion and the results and opinions. As listed at https://storm.apache.org/2016/04/12/storm100-released.html,

[GitHub] incubator-metron issue #290: METRON-421 Make Stellar Profiler Client API Acc...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/290 +1 on inspection --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and

[GitHub] incubator-metron issue #286: METRON-326 Error Handling in ElasticsearchWrite...

Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/286 +1 by inspection --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and