GitHub user cestella opened a pull request:
https://github.com/apache/incubator-metron/pull/450
METRON-690: Create a DSL-based timestamp lookup for profiler to enable
sparse windows
Creating a small DSL to allow specifying profiles from windows of time that
may:
* repeat
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/438#discussion_r100442785
--- Diff:
metron-platform/metron-enrichment/src/main/java/org/apache/metron/threatintel/triage/ThreatTriageProcessor.java
---
@@ -52,15 +74,36
Github user JonZeolla commented on the issue:
https://github.com/apache/incubator-metron/pull/447
Would anybody be willing to update [this
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/448
Went through the Ambari steps to point where install started running.
Version numbers look good throughout.
---
If your project is set up for it, you can reply to this email and have
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/449#discussion_r100408667
--- Diff:
metron-analytics/metron-profiler/src/main/java/org/apache/metron/profiler/bolt/KafkaDestinationHandler.java
---
@@ -0,0 +1,78 @@
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/438
After talking with Casey, it's an issue with StellarShell, not this PR.
I'll make a ticket and get it done. So feel free to ignore this issue,
@nickwallen
---
If your project is
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/438
Seems like THREAT_TRIAGE_REMOVE just behaves really badly
```
[Stellar]>>> conf := THREAT_TRIAGE_ADD(conf, [triage])
[Stellar]>>> conf := THREAT_TRIAGE_REMOVE(conf,
GitHub user nickwallen opened a pull request:
https://github.com/apache/incubator-metron/pull/449
METRON-701 Triage Metrics Produced by the Profiler
## [METRON-701](https://issues.apache.org/jira/browse/METRON-701)
Please do not merge. I am looking for feedback on this
GitHub user justinleet opened a pull request:
https://github.com/apache/incubator-metron/pull/448
Rev MPack Version to 0.3.1.0
Updating the version number in the mpack stuff (nothing automated, just
manually changed it).
Built a new version of the mpack locally, and it has
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/438
I saw some odd behavior I think is unrelated to this PR itself while
testing.
I tried to remove the threat triage rule, messed up, fixed it, and then
borked my conf variable.
Yup Matt. I can most definitively state that Ambari Upgrade is not
currently supported. Yet. :)
-D...
On Thu, Feb 9, 2017 at 3:12 PM, Justin Leet wrote:
> Jira is https://issues.apache.org/jira/browse/METRON-710.
>
> Justin
>
> On Thu, Feb 9, 2017 at 2:58 PM, Matt Foley
Jira is https://issues.apache.org/jira/browse/METRON-710.
Justin
On Thu, Feb 9, 2017 at 2:58 PM, Matt Foley wrote:
> The only reason not to go “backwards” is if someone is going to try to use
> Ambari Upgrade to move from the 0.3.0 Mpack to this one.
>
> I THINK it’s unlikely
The only reason not to go “backwards” is if someone is going to try to use
Ambari Upgrade to move from the 0.3.0 Mpack to this one.
I THINK it’s unlikely this is a concern, so I’m okay with 0.3.1.0, but I would
change my opinion if someone says a real-world user in the field will want to
use
I'm good with 0.3.1.0 too, so I'll go ahead and spin up a ticket and make
that change.
Justin
On Thu, Feb 9, 2017 at 2:53 PM, David Lyle wrote:
> I'm good with 0.3.1.0.
>
> -D...
>
> On Thu, Feb 9, 2017 at 2:36 PM, zeo...@gmail.com wrote:
>
> > I agree
-1 (non-binding) due to mpack revision number
On Thu, Feb 9, 2017, 2:42 PM Casey Stella wrote:
> -1, we didn't rev the mpack. Discussion going on currently as to what
> version it should be and Justin volunteered to do the work. I vote we wait
> for that and cut another
Github user mmiklavc commented on the issue:
https://github.com/apache/incubator-metron/pull/445
Adding these timing notes about the import for reference:
**No filter, local load, multiple threads (5), batch 128**
real10m22.127s
user11m11.873s
sys
I'm good with 0.3.1.0.
-D...
On Thu, Feb 9, 2017 at 2:36 PM, zeo...@gmail.com wrote:
> I agree with Casey regarding the version itself, but I'd be fine with
> somethign else if someone else has a convincing argument.
>
> Jon
>
> On Thu, Feb 9, 2017 at 2:12 PM Justin Leet
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/438#discussion_r100395910
--- Diff:
metron-platform/metron-enrichment/src/main/java/org/apache/metron/threatintel/triage/ThreatTriageProcessor.java
---
@@ -52,15 +74,36
-1, we didn't rev the mpack. Discussion going on currently as to what
version it should be and Justin volunteered to do the work. I vote we wait
for that and cut another RC.
On Thu, Feb 9, 2017 at 9:23 AM, Casey Stella wrote:
> This is a call to vote on releasing Apache
I agree with Casey regarding the version itself, but I'd be fine with
somethign else if someone else has a convincing argument.
Jon
On Thu, Feb 9, 2017 at 2:12 PM Justin Leet wrote:
I can pick this up once we have an agreement on the version number. When
we agree on
I can pick this up once we have an agreement on the version number. When
we agree on that, I'll make a Jira and rev it.
Justin
On Thu, Feb 9, 2017 at 2:05 PM, Casey Stella wrote:
> I do agree that the MPack should be rev'd and a new RC should be cut. Is
> there a way to
I do agree that the MPack should be rev'd and a new RC should be cut. Is
there a way to name the versioning of the management pack so that it
indicates the oldest version of Metron that can be installed with that
version? So, in this case, maybe 0.3.1.0?
Also, I'm looking for volunteers to take
Good looking out, Jon!
I would recommend against version matching it with Metron. In the future,
the MPack will need to rev much less frequently than Metron, so MPack rev
x.x.x.x will install Metron y.y.y+. My read on the prior release bits is
that 0.3.0 is using MPack 1.0.0.0-SNAPSHOT, which is
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/438#discussion_r100379863
--- Diff:
metron-platform/metron-enrichment/src/main/java/org/apache/metron/threatintel/triage/ThreatTriageProcessor.java
---
@@ -52,15 +74,36
So I was spinning up the 0.3.1-RC3 candidate on my bare metal cluster today
and I noticed that when I generated the mpack it still had a version of
1.0.0.0. I double checked and made sure that the mpack existed in the
0.3.0 release
Github user nickwallen commented on the issue:
https://github.com/apache/incubator-metron/pull/422
I found myself having to manually do this all the time. I thought it
might be worthwhile to put the fix in, so that at least we have a record of it
working at some point in time.
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/422
@dlyle65535 I'm fine with holding off on it. I wasn't sure of the timing on
that, and I have been annoyed by this issue in my own testing in the interim.
@nickwallen You okay
Github user dlyle65535 commented on the issue:
https://github.com/apache/incubator-metron/pull/422
All of these files will go away as a result of
[PR-436](https://github.com/apache/incubator-metron/pull/436). Would you guys
be willing to hold off until I can get it completed and
Github user justinleet commented on the issue:
https://github.com/apache/incubator-metron/pull/422
+1, spun this up in quick dev, and it seems to work well and the UI reports
the timeout on status is 60 seconds. Thanks for grabbing this.
---
If your project is set up for it, you
GitHub user JonZeolla opened a pull request:
https://github.com/apache/incubator-metron/pull/447
METRON-708: Update metron documentation
Primarily these was an update of table formatting and fixing or improving
links in documentation. However some important content was changed, as
This is a call to vote on releasing Apache Metron 0.3.1-RC3 incubating
Full list of changes in this release:
https://dist.apache.org/repos/dist/dev/incubator/metron/0.3.1-RC3-incubating/CHANGES
The tag/commit to be voted upon is apache-metron-0.3.1-rc3-incubating:
The vote fails due to issues with the ansible deploy which have been
corrected as of METRON-707. RC3 will be out momentarily.
Results:
+1
Nick Allen
Anand Subramanian (non-binding)
Casey Stella
-1
James Sirota
Github user asfgit closed the pull request at:
https://github.com/apache/incubator-metron/pull/446
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the
Github user cestella commented on the issue:
https://github.com/apache/incubator-metron/pull/445
+1 by inspection
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and
34 matches
Mail list logo