Re: Apache Metron Logo Samples

2015-12-09 Thread James Sirota
+ 1 for this (option 3). I like it On 12/9/15, 3:09 PM, "Brad Kolarov" wrote: >I just remembered James liked the Apache Orc logo, this is for him. > >https://s3.amazonaws.com/metron-b23/Apache+Metron+sample+logo+3.png > > >Regards, > >bpk > > > > > > > > >On 12/9/15, 3:55 PM,

Re: Apache Metron Logo Samples

2015-12-09 Thread James Sirota
om my iPhone >>> >>>> On Dec 9, 2015, at 1:41 PM, larry mccay <larry.mc...@gmail.com> wrote: >>>> >>>> +1 option 3 - that's a good one to start with. >>>> >>>> On Wed, Dec 9, 2015 at 4:38 PM, Charles Porter >>>

Re: Hello

2015-12-09 Thread James Sirota
advantage of >more system memory if they have it. > > >On 12/9/15 4:32 PM, "James Sirota" <jsir...@hortonworks.com> wrote: > >>Hi Bryan, >> >>We had HSQLDB at one point, but we were struggling to make these bolts >>reliable. Also, the geo da

[GitHub] incubator-metron pull request: Initial code for a website

2015-12-15 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/1#issuecomment-164838975 Just posed something to the dev list about this. Send me your ID and I'll add you --- If your project is set up for it, you can reply to this email

[GitHub] incubator-metron pull request: replace opensoc-streaming version 0...

2015-12-15 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/2#issuecomment-164857934 I actually don't have permissions to approve this pull request. let me see if i can figure out how to add the PMC members to a group that has these privs

Re: [DISCUSS] Metron Development Guidelines

2015-12-12 Thread James Sirota
art. > >On 12/12/15, 7:29 AM, "James Sirota" <jsir...@hortonworks.com> wrote: > >>Ok try now >> >> >> >> >>On 12/12/15, 8:26 AM, "Debo Dutta (dedutta)" <dedu...@cisco.com> wrote: >> >>>can't access the wiki &

Re: January 2016 Report

2016-01-04 Thread James Sirota
Is everyone OK with me filing this report? * Your project name Metron * A brief description of your project, which assumes no knowledge of the project or necessarily of its field A big data security analytics tool * A list of the three most important issues to address in the move

Re: January 2016 Report

2016-01-06 Thread James Sirota
it as is, but >it wouldn't hurt to consider my suggestions. > >Nice job on being attentive and making sure you report on time! > >-Taylor > > > >> On Jan 5, 2016, at 5:02 PM, James Sirota <jsir...@hortonworks.com> wrote: >> >> Looks like we are

Re: January 2016 Report

2016-01-08 Thread James Sirota
> >>>> >>>> >>>> On 1/5/16, 4:54 PM, "P. Taylor Goetz" <ptgo...@gmail.com> wrote: >>>> >>>>> I think the project description should include a little more detail. >>>>> >>>>> You could also include

Re: January 2016 Report

2016-01-05 Thread James Sirota
>From: Andrew Hartnett <andrew.hartn...@rackspace.com> >Sent: Tuesday, January 5, 2016 9:29 AM >To: dev@metron.incubator.apache.org >Subject: COMMERCIAL:Re: January 2016 Report > >Ok by me, as well. > >Andrew Hartnett >Sr. Dev Warlord - Rackspace Managed Security >210.744.410

[DISCUSS] Metron Rules Engine Name

2016-06-03 Thread James Sirota
I wanted to brainstorm possible names for the rules engine that Casey Stella created as a part of METRON-141 for doing alerts triaging. I propose calling it Stellar in honor of its creator ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT

[GitHub] incubator-metron pull request: METRON-190: Make start_parser_topol...

2016-05-28 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/139#issuecomment-93764 The settings work, but I think you forgot to expose the parallelism hint. See this blog entry: https://storm.apache.org/releases/1.0.0/Understanding

[GitHub] incubator-metron pull request: METRON-189: Add the ability to do g...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/138#issuecomment-222346239 I think the documentation is misplaced. https://github.com/cestella/incubator-metron/tree/validation/metron-platform/metron-common is really good

[GitHub] incubator-metron pull request: METRON-190: Make start_parser_topol...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/139#issuecomment-222345898 +1. The only thing I would suggest would be to name the variable parallelism hint and not just parallelism because that name has meaning for someone who

[GitHub] incubator-metron pull request: METRON-183 Allow the simple hbase e...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/131#issuecomment-222347914 The docs should probably be moved out of common to the enrichment topology

[GitHub] incubator-metron pull request: METRON-178 Expose the filter capabi...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/129#issuecomment-222347803 Works. Great job! +1

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-30 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222563571 I was able to get past the previous error by uploading a new common jar. Now when the topology comes up it processes the CSV no problem. But, I only

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-30 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222565824 Another interesting thing that I think is a problem is that I sent it exactly 30 tuples. The spout acked 60 tuples (somehow doubled the count) and when

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-30 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222590012 Now getting the following error on the bro topology trying to enrich: 2016-05-31 04:24:05.212 o.a.k.c.n.Selector [WARN] Error in I/O with ip

Re: Secure code analysis

2016-05-31 Thread James Sirota
at route she would assist. >>  > > >> > >>  > > >> > I just think that if this is integrated from the beginning and >>  fail >>  > > >> builds >>  > > >> > on critical issues (to start), this could be a big differentiator, >>  > > >> > especially because we're talking about a security platform that >>  > > >> centralizes >>  > > >> > tons of sensitive information, tries to parse almost anything >>  that's >>  > > >> thrown >>  > > >> > at it (think of what's been happening to AV products recently), >>  and >>  > is >>  > > >> open >>  > > >> > source for bad guys to dig into much more easily. >>  > > >> > >>  > > >> > Jon >>  > > >> > >>  > > >> > On Fri, May 27, 2016, 09:34 Nick Allen <n...@nickallen.org> >>  wrote: >>  > > >> > >>  > > >> > > I am not aware of any discussions around this, Jon. What are >>  you >>  > > >> > thinking? >>  > > >> > > >>  > > >> > > On Thu, May 26, 2016 at 4:35 PM, zeo...@gmail.com < >>  > zeo...@gmail.com >>  > > > >>  > > >> > > wrote: >>  > > >> > > >>  > > >> > > > I was just wondering if there is any sort of static (or even >>  > > >> dynamic) >>  > > >> > > code >>  > > >> > > > analysis, or penetrating testing/vulnerability assessment, >>  > > >> occurring at >>  > > >> > > any >>  > > >> > > > point on the metron code. Has there been any discussion of >>  > > >> installing >>  > > >> > > > something along those lines on the Travis build server (if it >>  > > isn't >>  > > >> > there >>  > > >> > > > already)? 
Thanks, >>  > > >> > > > >>  > > >> > > > Jon >>  > > >> > > > -- >>  > > >> > > > >>  > > >> > > > Jon >>  > > >> > > > >>  > > >> > > >>  > > >> > > >>  > > >> > > >>  > > >> > > -- >>  > > >> > > Nick Allen <n...@nickallen.org> >>  > > >> > > >>  > > >> > -- >>  > > >> > >>  > > >> > Jon >>  > > >> > >>  > > >> >>  > > >> >>  > > >> >>  > > >> -- >>  > > >> Nick Allen <n...@nickallen.org> >>  > > >> >>  > > > -- >>  > > > >>  > > > Jon >>  > > > >>  > > -- >>  > > >>  > > Jon >>  > > >>  > >>  > >>  > >>  > -- >>  > Nick Allen <n...@nickallen.org> >>  > >>  -- >> >>  Jon > > -- > Nick Allen <n...@nickallen.org> ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hbase enrichm...

2016-05-31 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127 + 1. Had a kafka problem. Works great

[GitHub] incubator-metron pull request: METRON-180 Enable each component to be instal...

2016-05-31 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/133 @nickwallen what set of commands should i run to validate this?

Re: Quick start deployment error

2016-05-31 Thread James Sirota
"type": "string"}, "roct": >>  {"type": >>  > "string"}, "rpkt": {"type": "string"}, "rtag": {"type": "string"}, "rtt": >>  > {"type": "string"}, "ruflags": {"type": "string"}, "sip": {"type": >>  > "string"}, "sp": {"type": "string"}, "tag": {"type": "string"}, >>  > "timestamp": {"format": "epoch_millis", "type": "date"}, "uflags": >>  {"type": >>  > "string", "template": "yaf_index*"}, "sensor": "yaf"}, "msg": "Status >>  > code was not [200]: HTTP Error 400: Bad Request", "redirected": false, >>  > "status": 400, "url": "http://node1:9200/_template/template_yaf"} >>  > failed: [node1] (item={u'sensor': u'snort', u'file': {'mappings': >>  > {'snort_doc': {'_timestamp': {'enabled': True}, 'properties': >>  > {'enrichments:geo:ip_dst_addr:location_point': {'type': 'geo_point'}, >>  > 'timestamp': {'type': 'date', 'format': 'epoch_millis', 'template': >>  > 'snort_index*'}}) => {"content": "", "content_length": "450", >>  > "content_type": "application/json; charset=UTF-8", "failed": true, >>  "item": >>  > {"file": {"mappings": {"snort_doc": {"_timestamp": {"enabled": true}, >>  > "properties": {"enrichments:geo:ip_dst_addr:location_point": {"type": >>  > "geo_point"}, "timestamp": {"format": "epoch_millis", "type": "date", >>  > "template": "snort_index*"}, "sensor": "snort"}, "msg": "Status code was >>  > not [200]: HTTP Error 400: Bad Request", "redirected": false, "status": >>  > 400, "url": "http://node1:9200/_template/template_snort"} >>  > to retry, use: --limit @../../playbooks/metron_full_install.retry >>  > >>  > PLAY RECAP >>  > * >>  > >>  > node1 : ok=70 changed=4 unreachable=0 >>  failed=1 >>  > >> >>  -- >>  Nick Allen <n...@nickallen.org> ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

Re: Packet capture support for Windows environment.

2016-05-31 Thread James Sirota
That's bit more promising. > > Will create a JIRA ticket for the feasibility of Windows support. > > Do you know any one who will be interested in Metron supporting Windows > packet captures (even as an experimental setup or for testing inside VMs) ? > > On Tuesday, 31 May 2016, James Siro

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-30 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222533633 /usr/metron/0.1BETA/bin/zk_load_configs.sh -m DUMP -z 1xxx:2181 log4j:WARN No appenders could be found for logger

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-30 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222534631 I built the jar from the branch and copied it out to an existing AWS cluster that I had.

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222411369 FYI...for some reason the kafka topic does not always get auto created. I can't figure out what options cause it to not auto create. Also, sometimes

[GitHub] incubator-metron pull request: METRON-174 Storm consumption of hba...

2016-05-29 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/127#issuecomment-222414251 On AWS the following did not work: /usr/metron/0.1BETA/bin/start_parser_topology.sh -s user -k xxx:9092 -z xxx:2181 I got a: 41

[GitHub] incubator-metron issue #168: METRON-248 metron_example group_vars file is ou...

2016-06-22 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/168 +1 ran it up in AWS

[GitHub] incubator-metron issue #167: METRON-246 metron_streaming role needs to expli...

2016-06-22 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/167 +1 Ran it up in AWS

[GitHub] incubator-metron issue #166: METRON-247 Deployment fails on hosts with no 'e...

2016-06-22 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/166 +1 Ran it up on AWS

[GitHub] incubator-metron issue #162: METRON-239: NOOP Bulk Message Writer

2016-06-20 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/162 +1 from me. this feature is needed to aid in debugging

[VOTE] Releasing Apache Metron 0.2.0BETA-RC1

2016-06-21 Thread James Sirota
... ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

[GitHub] incubator-metron issue #164: METRON-244 Added Documentation

2016-06-21 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/164 +1 The more documentation the better

[GitHub] incubator-metron issue #169: METRON-252 Metron Dashboard Can Be Broken By Ad...

2016-06-22 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/169 + 1

[GitHub] incubator-metron issue #158: METRON-219 Create Default Metron Dashboard for ...

2016-06-20 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/158 +1. Ran it up on vagrant and got it to work

[GitHub] incubator-metron issue #171: METRON-254 pcap inspector emits fields that are...

2016-06-23 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/171 +1

[GitHub] incubator-metron issue #157: METRON-224 Metron should build from top-level d...

2016-06-16 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/157 + 1 was able to build from the top level pom. passing tests. thanks for your contribution, dave

[GitHub] incubator-metron issue #156: METRON-235 Expose filtering capability for PCAP...

2016-06-16 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/156 I agree with Casey. We need more docs on the CLI. What can I query for? Which commands should I run to validate this?

[GitHub] incubator-metron issue #153: Fixed error when start up the system.

2016-06-16 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/153 Here are instructions on downgrading ansible. https://cwiki.apache.org/confluence/display/METRON/Downgrade+Ansible Can this pull request be closed?

[GitHub] incubator-metron issue #174: METRON-249: Field Transformation functions fail...

2016-06-23 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/174 +1

[VOTE] Releasing Apache Metron 0.2.0BETA-RC2

2016-06-24 Thread James Sirota
will be open for at least 72 hours. [ ] +1 Release this package as Apache Metron 0.2.0BETA-RC2 incubating [ ] 0 No opinion [ ] -1 Do not release this package because... ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

Re: [VOTE] Releasing Apache Metron 0.2.0BETA-RC2

2016-06-24 Thread James Sirota
+1 on my end on this release. I ran it up in AWS and vagrant and tested it extensively. 24.06.2016, 16:19, "James Sirota" <jsir...@apache.org>: > This is a call to > vote on releasing Apache Metron 0.2.0BETA-RC2 incubating > Full list of changes in this release:

[GitHub] incubator-metron issue #176: METRON-259 Using 'any' for Snort's HOME_NETWORK

2016-06-26 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/176 +1

Re: Metron architecture

2016-02-08 Thread James Sirota
Aaron, Our existing architecture is shown here: https://cwiki.apache.org/confluence/display/METRON/Metron+Architecture Thanks, James On 2/8/16, 1:42 PM, "Aaron.Dossett" wrote: >My pleasure, Larry. METRON-26 created. > >On 2/8/16, 2:38 PM, "larry mccay"

Metron Release Manager

2016-02-08 Thread James Sirota
Per Apache process we need to nominate a Release Manager and create a release branch for this release. I want to nominate myself as a release manager for the next few builds unless someone else wishes to perform this role. Thanks, James

Re: signing up for metron lists

2016-01-28 Thread James Sirota
<mailto:private-subscr...@metron.incubator.apache.org> -Taylor On Jan 28, 2016, at 2:01 PM, James Sirota <jsir...@hortonworks.com<mailto:jsir...@hortonworks.com>> wrote: <list-subscr...@metron.apache.org<mailto:list-subscr...@metron.apache.org>>: Sorry, no mailbox here

signing up for metron lists

2016-01-28 Thread James Sirota
We are having a problem getting a couple of our guys signed up for the Metron dev lists. Is anyone else having this problem? Who do we contact to resolve this? Thanks, James

Re: February 2016 Report

2016-02-03 Thread James Sirota
Here is the report I will be filing unless anyone objects… Metron Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing,

Metron Jan release

2016-01-29 Thread James Sirota
Per our previous discussion thread we want Metron to do monthly releases. I think we are ready to cut our first Apache release of Metron so we can get through the Apache release process and understand what it takes to get a release out. Mentors, can you point us to documentation for doing a

[GitHub] incubator-metron pull request: METRON-35 Implement threat intellig...

2016-02-16 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/22#issuecomment-184695462 +1 from me as well. Great job

[VOTE] Metron_0.1BETA release

2016-02-16 Thread James Sirota
I am putting up for a vote our first Apache release. Many thanks to all who have contributed. As previously discussed we will be on a monthly release cadence. This is the delayed Jan build (delayed due to setting up internal infrastructure and has nothing to do with Metron). The release

[VOTE] Release of Metron_0.1BETA_rc3

2016-02-18 Thread James Sirota
A tag has been created for Metron_0.1BETA_rc3: https://git-wip-us.apache.org/repos/asf?p=incubator-metron.git;a=shortlog;h=refs/tags/Metron_0.1BETA_rc3 With a Git hash: 5ceee2a44ff777d3e980406c4a70efc9297e5350 And a KEYS file:

Re: [VOTE] Release of Metron_0.1BETA_rc3

2016-02-19 Thread James Sirota
> >> > > >> >> > > Metron should have a staging directory inside of: >> >> > > https://dist.apache.org/repos/dist/dev/incubator/. >> >> > > >> >> > > I notice that there is already a release dir: >> >> >

Re: [VOTE] Release of Metron_0.1BETA_rc5

2016-03-28 Thread James Sirota
+1 (Binding) I verified the release and everything works Thanks, James On 3/28/16, 5:23 PM, "James Sirota" <jsir...@hortonworks.com> wrote: >Hi Taylor, > >The keys file is included in the staging directory in Apache > >http://home.apache.org/~jsirota/met

[RESULT][Vote] release of Metron_0.1BETA_rc7

2016-04-07 Thread James Sirota
helpful to know what changed between this and the last RC. >Was it just the snort URLs? > >Release votes also need to run for at least 72 hours and closed with either a >RESULT or CANCELED. > >-Taylor > >> On Apr 4, 2016, at 12:08 PM, James Sirota <jsir...@hortonwo

Re: Board Report

2016-04-06 Thread James Sirota
All done. Posted here: https://wiki.apache.org/incubator/April2016 Special thanks to Casey for helping out James On 4/5/16, 7:34 PM, "Casey Stella" wrote: >I can cover if needed, but I suspect James will do it tomorrow. > >On Tue, Apr 5, 2016 at 10:07 PM, P. Taylor

[ANNOUNCE] Metron IRC Channel

2016-04-12 Thread James Sirota
Thanks to Debo we now have IRC chat for Metron so we can all talk in real time. /join #apache-metron-dev

Re: Introduction

2016-04-12 Thread James Sirota
Hi Houshang, Great to have you join the community. Do you have a couple of ideas you can volunteer as to improving our website? Perhaps our logo as well? We haven’t spent a ton of time working on our website so it would be nice to get it refreshed. Thanks, James On 4/11/16, 6:12 PM,

Re: [DISCUSS] Project reorganization

2016-04-10 Thread James Sirota
I’d be open to an IRC channel. Does anyone know if Apache allows this? If yes, does anyone know how to set one up? Thanks, James On 4/10/16, 4:52 PM, "Debojyoti Dutta" wrote: >Hi Nick > >I like your suggestions. For the enrichment layer do you think it would also

Re: [DISCUSS] Multitenancy for Metron

2016-04-10 Thread James Sirota
ssing (Bro log, pcap, etc. >access). Of course, this is very sensitive stuff, highly >compartmentalized, and somewhat dynamic (subnets fluctuate on a weekly >basis), so it needs to be server side access control. > >Happy to discuss further, > >Jon > >On Sun, Apr 10, 2016, 1

Re: [DISCUSS] Project reorganization

2016-04-10 Thread James Sirota
I would put integration test framework into common (since all modules share this). I would also put a unit test framework that other projects can extend into common as well. I would then have each individual module extend the frameworks from common. I don’t think I would want the tests

Re: Introduction.

2016-04-10 Thread James Sirota
Hi Chokha, Welcome to the community. Which part of Metron most interests you? What kinds of features would you like to work on? Thanks, James On 4/10/16, 2:04 PM, "Chokha Palayamkottai" wrote: >Hello, > >My name is Chokha and I would like to contribute to

[DISCUSS] Multitenancy for Metron

2016-04-10 Thread James Sirota
Hi Guys, As a community we probably need to tackle the question of how we handle multi tenancy with Metron and John is already starting to ask the right questions. I wanted to open this up for a community discussion. What does multi tenancy mean to you and ideally how would you like Metron

Re: [DISCUSS] Project reorganization

2016-04-10 Thread James Sirota
Hi Nick, Threat intel is almost like an enrichment. A telemetry feed gets cross-referenced against a threat intel feed (think pivot tables), but threat intel in itself is not a telemetry. Metron’s storm topologies parse out individual attributes from telemetries like IDS alerts, OS logs,

Re: Introduction.

2016-04-10 Thread James Sirota
bolt (METRON-65 ?) among >other things. Data loads and deployment scripts interests me as well. > >Best, >Chokha. > > > >On 4/10/16 5:34 PM, James Sirota wrote: >> Hi Chokha, >> >> Welcome to the community. Which part of Metron most interests you? What >

Re: [DISCUSS] Project reorganization

2016-04-11 Thread James Sirota
Great, thanks, Debo. Where can I find instructions on how to get to it? Thanks, James On 4/11/16, 9:41 AM, "Debo Dutta (dedutta)" <dedu...@cisco.com> wrote: >Hi James > >Ok set it up and ack ….. > >Thx > > > > > >On 4/10/16, 6:31 PM, "

[GitHub] incubator-metron pull request: Adding travis stuff

2016-03-24 Thread james-sirota
Github user james-sirota closed the pull request at: https://github.com/apache/incubator-metron/pull/60

[GitHub] incubator-metron pull request: Adding travis stuff

2016-03-24 Thread james-sirota
GitHub user james-sirota opened a pull request: https://github.com/apache/incubator-metron/pull/60 Adding travis stuff You can merge this pull request into a Git repository by running: $ git pull https://github.com/james-sirota/incubator-metron master Alternatively you can

[GitHub] incubator-metron pull request: Travis changes

2016-03-24 Thread james-sirota
Github user james-sirota closed the pull request at: https://github.com/apache/incubator-metron/pull/61

Re: [VOTE] Release of Metron_0.1BETA_rc5

2016-03-23 Thread James Sirota
Small correction on the validation instructions. For Step 1, execute the mvn command from incubator-metron/ and not incubator-metron/metron-streaming/ Thanks, James On 3/22/16, 3:56 PM, "James Sirota" <jsir...@hortonworks.com> wrote: > >A tag has been created

Re: March 2016 Report

2016-03-02 Thread James Sirota
Metron Metron integrates a variety of open source big data technologies in order to offer a centralized tool for security monitoring and analysis. Metron provides capabilities for log aggregation, full packet capture indexing, storage, advanced behavioral analytics and data enrichment, while

Re: [Vote] Release of Apache Metron 0.1BETA-RC6

2016-03-30 Thread James Sirota
+ 1 (binding) On 3/30/16, 8:58 AM, "James Sirota" <jsir...@hortonworks.com> wrote: >This is a call to vote on releasing Apache Metron 0.1BETA-RC6 > >Full list of changes in this release: > >https://dist.apache.org/repos/dist/dev/incubator/metron/0.1BETA-RC

[GitHub] incubator-metron pull request: Rerunning playbook halts due to hdf...

2016-03-28 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/62#issuecomment-202254606 Thanks for the contribution. Will verify shortly

Re: [DISCUSS] Project reorganization

2016-04-13 Thread James Sirota
ughts? > >Ryan Merriman > > >On 4/11/16, 4:15 PM, "Debojyoti Dutta" <ddu...@gmail.com> wrote: > >>If you load up your Irc client just type >>/join #apache-metron-dev >> >>Sent from my iPhone >> >>> On Apr 11, 2016, at 12:06 PM,

Re: [DISCUSS] Metron assessment tool

2016-04-13 Thread James Sirota
>>3. Size of each workers (in memory)? >>4. Supervisor memory settings >> >>The assessment tool should also be used to size topologies correctly as >>well. >> >>Tuning Kafka, Hbase and Solr/Elastic should also be governed by the Metron >>assessment tool

Re: [DISCUSS] Metron Logo Options

2016-04-25 Thread James Sirota
Hi Guys, I think Metron is intended for the security use case and there is no community discussion as far as I am aware to take it into a more general direction. I personally think Metron needs to stay security focused and focus on its mission at hand. I think the logo needs to communicate

Re: Metron Meetup in DC on 5/4

2016-04-26 Thread James Sirota
I’m going to be there! On 4/26/16, 3:01 AM, "George Vetticaden" wrote: >We are planning a Metron Meetup near DC on 5/4. If you are in the area, please >join us. >Here is the info: >http://www.meetup.com/futureofdata-arlington/events/230498228/ > >

Re: Documentation standard

2016-04-26 Thread James Sirota
The code-level documentation should live in Github. Architecture and high-level documentation should live on the Wiki. The Wiki should be the entry point for anyone to get familiar with the project and should reference the Github docs for low-level details. This is the intent with the docs

Re: [DISCUSS] New Incubator Website

2016-05-11 Thread James Sirota
> > > > Mobile: (831) 521-4176<tel:(831)%20521-4176> > hliv...@hortonworks.com<mailto:hliv...@hortonworks.com> > ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

Re: [DISCUSS] UI Requirements Meeting

2016-05-03 Thread James Sirota
I’ll try to make it On 5/3/16, 7:17 AM, "Houshang Livian" wrote: >Hey Team, > >Let’s get together this Thursday to discuss some future facing ideas for the >next generation of Metron’s Interface. > >The UI Requirements Meeting has changed platforms from WebEx to

[GitHub] incubator-metron pull request: METRON-130 Create pre-loaded Hadoop...

2016-05-04 Thread james-sirota
Github user james-sirota commented on the pull request: https://github.com/apache/incubator-metron/pull/101#issuecomment-216906351 + 1, was able to pull down a VM

Re: [DISCUSS] Metron assessment tool

2016-04-15 Thread James Sirota
>sets at the assessment tool, it builds metrics on the input (for example: >count the number of packets per second) and then we use those metrics to >estimate cluster size. > >On Wed, Apr 13, 2016 at 5:45 PM, James Sirota <jsir...@hortonworks.com> >wrote: > >> That

Re: Metron Logo

2016-04-15 Thread James Sirota
I don’t think it’s terrible, but it’s not reflective of what Metron is about. I think it needs to be something security analytics related On 4/15/16, 10:10 AM, "Dave Hirko" wrote: >+1 (it’s terrible) > >Dave Hirko | d...@b23.io | 571.421.7729 > > > > > > > > >On 4/15/16, 1:09

Re: Dev Env Setup Instructions

2016-04-15 Thread James Sirota
George, Thanks for the contribution. This is great. Going forward I think we’ll need to make these instructions more generic, but this is a great start Thanks, James On 4/15/16, 9:31 AM, "George Vetticaden" wrote: >I have gotten a lot of questions/interests

[DISCUSS] Tagging Jira's for newbies

2016-04-15 Thread James Sirota
Hi Guys, As we are picking up more community members I think we need to start tagging Jiras with “complexity labels” and building up a pool of Jiras that newbies can work on. I wanted to open this up to the community to see how we wanted to handle that. What should these labels be and how

Re: [DISCUSS] Project reorganization

2016-04-18 Thread James Sirota
>> >>Thanks, >>Frank Lu >> >> >> >> >>On 4/18/16, 3:05 PM, "Ryan Merriman" <rmerri...@hortonworks.com> wrote: >> >>>All, >>> >>>I put together a list of all the project java assets that detai

Re: [DISCUSS] Metron Logo Options

2016-04-18 Thread James Sirota
#1 does look like Metasploit, but I think that’s the right direction. It’s sort of security(ish). I’d like to dig into that some more On 4/18/16, 12:22 PM, "zeo...@gmail.com" wrote: >The first looks a little too close to Metasploit for my comfort. I have no >opinion on

Re: [DISCUSS] Metron assessment tool

2016-07-12 Thread James Sirota
for n-sized time bins. What specific requirements do you have in mind? Thanks, James 12.07.2016, 14:41, "zeo...@gmail.com" <zeo...@gmail.com>: > I can definitely give it a shot. A kickstart would be appreciated. > > Jom > > On Tue, Jul 12, 2016, 17:17 James Si

Re: [DISCUSS] Metron assessment tool

2016-07-12 Thread James Sirota
> - To understand Netflow rates, it would watch for Netflow packets >>  and >>  > > count those. >>  > > - To understand sizing around application logs, a sensor would watch >>  > for >>  > > Syslog packets and count those. >>  > > >>

[RESULT] [VOTE] Releasing Apache Metron 0.2.0BETA-RC3

2016-07-27 Thread James Sirota
Vote passes with 4 binding +1s: James Sirota Ryan Merriman Casey Stella Debo Dutta There were no -1s. Thanks to everyone who voted. Will advance to incubator vote 25.07.2016, 07:39, "Ryan Merriman" <rmerri...@hortonworks.com>: > +1 > > On 7/25/16, 9:32 AM, "Cas

Re: Contribution!

2016-08-01 Thread James Sirota
to the > Metron in field of Data Science(Statistical and Machine Learning). Can some > one help me provide data and quick instructions on how I can be of help. > > Thanks, > Jeevan ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

[GitHub] incubator-metron issue #205: METRON-339: Create YARN app to deploy endpoints

2016-08-11 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/205 +1 i got this to work in quickdev

[GitHub] incubator-metron issue #205: METRON-339: Create YARN app to deploy endpoints

2016-08-12 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/205 great job by the way. this looks great

Re: [VOTE] Releasing Apache Metron 0.2.0BETA-RC3

2016-07-20 Thread James Sirota
+1 from me 20.07.2016, 11:37, "James Sirota" <jsir...@hortonworks.com>: > This release is exactly the same as RC2, but the Mozilla licensed file was > removed so it doesn’t cause problems for us on the incubator general boards. > We no longer use it so we just remov

[VOTE] Releasing Apache Metron 0.2.0BETA-RC3

2016-07-20 Thread James Sirota
This release is exactly the same as RC2, but the Mozilla licensed file was removed so it doesn’t cause problems for us on the incubator general boards. We no longer use it so we just removed it. This is a call to vote on releasing Apache Metron 0.2.0BETA-RC3 incubating Full list of changes in

[GitHub] incubator-metron issue #190: METRON-306: Create Docker container for RPM cre...

2016-07-19 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/190 +1

[GitHub] incubator-metron issue #186: METRON-298 Remove the effective_tld_names.dat f...

2016-07-11 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/186 +1

Re: Metron-265 Model as a Service

2016-07-04 Thread James Sirota
ty comment on the JIRA ( > https://issues.apache.org/jira/browse/METRON-265). The proposed > architecture is attached as a document to that JIRA. > > I look forward to feedback! > > Best, > > Casey ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org

Re: Podling Report Reminder - July 2016

2016-07-04 Thread James Sirota
ntors should review reports for their project(s) and sign them off on > the Incubator wiki page. Signing off reports shows that you are > following the project - projects that are not signed may raise alarms > for the Incubator PMC. > > Incubator PMC ---  Thank you, James Sirota PPMC- Apache Metron (Incubating) jsirota AT apache DOT org
