+ 1 for this (option 3). I like it
On 12/9/15, 3:09 PM, "Brad Kolarov" wrote:
>I just remembered James liked the Apache Orc logo, this is for him.
>
>https://s3.amazonaws.com/metron-b23/Apache+Metron+sample+logo+3.png
>
>
>Regards,
>
>bpk
>
>
>
>
>
>
>
>
>On 12/9/15, 3:55 PM,
om my iPhone
>>>
>>>> On Dec 9, 2015, at 1:41 PM, larry mccay <larry.mc...@gmail.com> wrote:
>>>>
>>>> +1 option 3 - that's a good one to start with.
>>>>
>>>> On Wed, Dec 9, 2015 at 4:38 PM, Charles Porter
>>>
advantage of
>more system memory if they have it.
>
>
>On 12/9/15 4:32 PM, "James Sirota" <jsir...@hortonworks.com> wrote:
>
>>Hi Bryan,
>>
>>We had HSQLDB at one point, but we were struggling to make these bolts
>>reliable. Also, the geo da
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/1#issuecomment-164838975
Just posed something to the dev list about this. Send me your ID and I'll
add you
---
If your project is set up for it, you can reply to this email
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/2#issuecomment-164857934
I actually don't have permissions to approve this pull request. let me see
if i can figure out how to add the PMC members to a group that has these privs
art.
>
>On 12/12/15, 7:29 AM, "James Sirota" <jsir...@hortonworks.com> wrote:
>
>>Ok try now
>>
>>
>>
>>
>>On 12/12/15, 8:26 AM, "Debo Dutta (dedutta)" <dedu...@cisco.com> wrote:
>>
>>>can¹t access the wiki
&
Is everyone OK with me filing this report?
* Your project name
Metron
* A brief description of your project, which assumes no knowledge of the
project or necessarily of its field
A big data security analytics tool
* A list of the three most important issues to address in the move
it as is, but
>it wouldn't hurt to consider my suggestions.
>
>Nice job on being attentive and making sure you report on time!
>
>-Taylor
>
>
>
>> On Jan 5, 2016, at 5:02 PM, James Sirota <jsir...@hortonworks.com> wrote:
>>
>> Looks like we are
;>
>>>>
>>>>
>>>> On 1/5/16, 4:54 PM, "P. Taylor Goetz" <ptgo...@gmail.com> wrote:
>>>>
>>>>> I think the project description should include a little more detail.
>>>>>
>>>>> You could also include
>From: Andrew Hartnett <andrew.hartn...@rackspace.com>
>Sent: Tuesday, January 5, 2016 9:29 AM
>To: dev@metron.incubator.apache.org
>Subject: COMMERCIAL:Re: January 2016 Report
>
>Ok by me, as well.
>
>Andrew Hartnett
>Sr. Dev Warlord - Rackspace Managed Security
>210.744.410
I wanted to brain storm possible names for the rules engine that Casey Stella
created as a part of METRON-141 for doing alerts triaging. I propose calling
it Stellar in honor of it's creator
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/139#issuecomment-93764
The settings work, but I think you forgot to expose the parallelism hint.
See this blog entry:
https://storm.apache.org/releases/1.0.0/Understanding
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/138#issuecomment-222346239
I think the documentation is misplaced.
https://github.com/cestella/incubator-metron/tree/validation/metron-platform/metron-common
is really good
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/139#issuecomment-222345898
+1. The only thing I would suggest would be to name the variable
parallelism hint and not just parallelism because that name has meaning for
someone who
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/131#issuecomment-222347914
The docs should probably be moved out of common to the enrichment topology
---
If your project is set up for it, you can reply to this email and have
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/129#issuecomment-222347803
Works. Great job! +1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222563571
I was able to get past the previous error by uploading a new common jar.
Now when the topology comes up it processes the CSV no problem. But, I only
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222565824
Another interesting thing that I think is a problem is that I sent it
exactly 30 tuples. The spout acked 60 tuples (somehow doubled the count) and
when
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222590012
Now getting the following error on the bro topology trying to enrich:
2016-05-31 04:24:05.212 o.a.k.c.n.Selector [WARN] Error in I/O with ip
at route she would assist.
>> > > >> >
>> > > >> > I just think that if this is integrated from the beginning and
>> fail
>> > > >> builds
>> > > >> > on critical issues (to start), this could be a big differentiator,
>> > > >> > especially because we're talking about a security platform that
>> > > >> centralizes
>> > > >> > tons of sensitive information, tries to parse almost anything
>> that's
>> > > >> thrown
>> > > >> > at it (think of what's been happening to AV products recently),
>> and
>> > is
>> > > >> open
>> > > >> > source for bad guys to dig into much more easily.
>> > > >> >
>> > > >> > Jon
>> > > >> >
>> > > >> > On Fri, May 27, 2016, 09:34 Nick Allen <n...@nickallen.org>
>> wrote:
>> > > >> >
>> > > >> > > I am not aware of any discussions around this, Jon. What are
>> you
>> > > >> > thinking?
>> > > >> > >
>> > > >> > > On Thu, May 26, 2016 at 4:35 PM, zeo...@gmail.com <
>> > zeo...@gmail.com
>> > > >
>> > > >> > > wrote:
>> > > >> > >
>> > > >> > > > I was just wondering if there is any sort of static (or even
>> > > >> dynamic)
>> > > >> > > code
>> > > >> > > > analysis, or penetrating testing/vulnerability assessment,
>> > > >> occurring at
>> > > >> > > any
>> > > >> > > > point on the metron code. Has there been any discussion of
>> > > >> installing
>> > > >> > > > something along those lines on the Travis build server (if it
>> > > isn't
>> > > >> > there
>> > > >> > > > already)? Thanks,
>> > > >> > > >
>> > > >> > > > Jon
>> > > >> > > > --
>> > > >> > > >
>> > > >> > > > Jon
>> > > >> > > >
>> > > >> > >
>> > > >> > >
>> > > >> > >
>> > > >> > > --
>> > > >> > > Nick Allen <n...@nickallen.org>
>> > > >> > >
>> > > >> > --
>> > > >> >
>> > > >> > Jon
>> > > >> >
>> > > >>
>> > > >>
>> > > >>
>> > > >> --
>> > > >> Nick Allen <n...@nickallen.org>
>> > > >>
>> > > > --
>> > > >
>> > > > Jon
>> > > >
>> > > --
>> > >
>> > > Jon
>> > >
>> >
>> >
>> >
>> > --
>> > Nick Allen <n...@nickallen.org>
>> >
>> --
>>
>> Jon
>
> --
> Nick Allen <n...@nickallen.org>
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127
+ 1. Had a kafka problem. Works great
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/133
@nickwallen what set of commands should i run to validate this?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well
ot;type": "string"}, "roct":
>> {"type":
>> > "string"}, "rpkt": {"type": "string"}, "rtag": {"type": "string"}, "rtt":
>> > {"type": "string"}, "ruflags": {"type": "string"}, "sip": {"type":
>> > "string"}, "sp": {"type": "string"}, "tag": {"type": "string"},
>> > "timestamp": {"format": "epoch_millis", "type": "date"}, "uflags":
>> {"type":
>> > "string", "template": "yaf_index*"}, "sensor": "yaf"}, "msg": "Status
>> > code was not [200]: HTTP Error 400: Bad Request", "redirected": false,
>> > "status": 400, "url": "http://node1:9200/_template/template_yaf"}
>> > failed: [node1] (item={u'sensor': u'snort', u'file': {'mappings':
>> > {'snort_doc': {'_timestamp': {'enabled': True}, 'properties':
>> > {'enrichments:geo:ip_dst_addr:location_point': {'type': 'geo_point'},
>> > 'timestamp': {'type': 'date', 'format': 'epoch_millis', 'template':
>> > 'snort_index*'}}) => {"content": "", "content_length": "450",
>> > "content_type": "application/json; charset=UTF-8", "failed": true,
>> "item":
>> > {"file": {"mappings": {"snort_doc": {"_timestamp": {"enabled": true},
>> > "properties": {"enrichments:geo:ip_dst_addr:location_point": {"type":
>> > "geo_point"}, "timestamp": {"format": "epoch_millis", "type": "date",
>> > "template": "snort_index*"}, "sensor": "snort"}, "msg": "Status code was
>> > not [200]: HTTP Error 400: Bad Request", "redirected": false, "status":
>> > 400, "url": "http://node1:9200/_template/template_snort"}
>> > to retry, use: --limit @../../playbooks/metron_full_install.retry
>> >
>> > PLAY RECAP
>> > *
>> >
>> > node1 : ok=70 changed=4 unreachable=0
>> failed=1
>> >
>>
>> --
>> Nick Allen <n...@nickallen.org>
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
That's bit more promising.
>
> Will create a JIRA ticket for the feasibility of Windows support.
>
> Do you know any one who will be interested in Metron supporting Windows
> packet captures (even as an experimental setup or for testing inside VMs) ?
>
> On Tuesday, 31 May 2016, James Siro
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222533633
/usr/metron/0.1BETA/bin/zk_load_configs.sh -m DUMP -z 1xxx:2181
log4j:WARN No appenders could be found for logger
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222534631
I built the jar from the branch and copied it out to an existing AWS
cluster that I had.
---
If your project is set up for it, you can reply
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222411369
FYI...for some reason the kafka topic does not always get auto created. I
can't figure out what options cause it to not auto create. Also, some times
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/127#issuecomment-222414251
On AWS the following did not work:
/usr/metron/0.1BETA/bin/start_parser_topology.sh -s user -k xxx:9092 -z
xxx:2181
I got a:
41
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/168
+1 ran it up in AWS
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/167
+1 Ran it up in AWS
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/166
+1 Ran it up on AWS
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/162
+1 from me. this feature is needed to aid in debugging
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your
...
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/164
+1 The more documentation the better
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/169
+ 1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/158
+1. Ran it up on vagrant and got it to work
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/171
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/157
+ 1 was able to build from the top level pom. passing tests. thanks for
your contribution, dave
---
If your project is set up for it, you can reply to this email and have your
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/156
I agree with Casey. We need more docs on the CLI. What can I query for?
Which commands should I run to validate this?
---
If your project is set up for it, you can reply
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/153
Here are instructions on downgrading ansible.
https://cwiki.apache.org/confluence/display/METRON/Downgrade+Ansible Can this
pull request be closed?
---
If your project is set up
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/174
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
will be open for at least 72 hours.
[ ] +1 Release this package as Apache Metron 0.2.0BETA-RC2 incubating
[ ] 0 No opinion
[ ] -1 Do not release this package because...
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
+1 on my end on this release. I ran it up in AWS and vagrant and tested it
extensively.
24.06.2016, 16:19, "James Sirota" <jsir...@apache.org>:
> his is a call to
> vote on releasing Apache Metron 0.2.0BETA-RC2 incubating
> Full list of changes in this release:
&g
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/176
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
Aaron,
Our existing architecture is shown here:
https://cwiki.apache.org/confluence/display/METRON/Metron+Architecture
Thanks,
James
On 2/8/16, 1:42 PM, "Aaron.Dossett" wrote:
>My pleasure, Larry. METRON-26 created.
>
>On 2/8/16, 2:38 PM, "larry mccay"
Per Apache process we need to nominate a Release Manager and create a release
branch for this release. I want to nominate myself as a release manager for
the next few builds unless someone else wishes to perform this role.
Thanks,
James
lt;mailto:private-subscr...@metron.incubator.apache.org>
-Taylor
On Jan 28, 2016, at 2:01 PM, James Sirota
<jsir...@hortonworks.com<mailto:jsir...@hortonworks.com>> wrote:
<list-subscr...@metron.apache.org<mailto:list-subscr...@metron.apache.org>>:
Sorry, no mailbox here
We are having a problem getting a couple of our guys signed up for the Metron
dev lists. Is anyone else having this problem? Who do we contact to resolve
this?
Thanks,
James
Here is the report I will be filing unless anyone objects…
Metron
Metron integrates a variety of open source big data technologies
in order to offer a centralized tool for security monitoring and analysis.
Metron
provides capabilities for log aggregation, full packet capture indexing,
Per our previous discussion thread we want Metron to do monthly releases. I
think we are ready to cut our first Apache release of Metron so we can get
through the Apache release process and understand what it takes to get a
release out. Mentors, can you point us to documentation for doing a
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/22#issuecomment-184695462
+1 from me as well. Great job
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your
I am putting up for a vote our first Apache release. Many thanks to all who
have contributed. As previously discussed we will be on a monthly release
cadence. This is the delayed Jan build (delayed due to setting up internal
infrastructure and has nothing to do with Metron). The release
A tag has been created for Metron_0.1BETA_rc3:
https://git-wip-us.apache.org/repos/asf?p=incubator-metron.git;a=shortlog;h=refs/tags/Metron_0.1BETA_rc3
With a Git hash:
5ceee2a44ff777d3e980406c4a70efc9297e5350
And a KEYS file:
;> >> > >
>> >> > > Metro should have a staging directory inside of:
>> >> > > https://dist.apache.org/repos/dist/dev/incubator/.
>> >> > >
>> >> > > I notice that there is already a release dir:
>> >> >
+1 (Binding)
I verified the release and everything works
Thanks,
James
On 3/28/16, 5:23 PM, "James Sirota" <jsir...@hortonworks.com> wrote:
>Hi Taylor,
>
>The keys file is included in the staging directory in Apache
>
>http://home.apache.org/~jsirota/met
helpful to know what changed between this and the last RC.
>Was it just the snort URLs?
>
>Release votes also need to run for at least 72 hours and closed with either a
>RESULT or CANCELED.
>
>-Taylor
>
>> On Apr 4, 2016, at 12:08 PM, James Sirota <jsir...@hortonwo
All done. Posted here:
https://wiki.apache.org/incubator/April2016
Special thanks to Casey for helping out
James
On 4/5/16, 7:34 PM, "Casey Stella" wrote:
>I can cover if needed, but I suspect James will do it tomorrow.
>
>On Tue, Apr 5, 2016 at 10:07 PM, P. Taylor
Thanks to Debo we now have IRC chat for Metron so we can all talk in real time.
/join #apache-metron-dev
Hi Houshang,
Great to have you join the community. Do you have a couple of ideas you can
volunteer as to improving our website? Perhaps our logo as well? We haven’t
spent a ton of time working on our website so it would be nice to get it
refreshed.
Thanks,
James
On 4/11/16, 6:12 PM,
I’d be open to an IRC channel. Does anyone know if Apache allows this? If
yes, does anyone know how to set one up?
Thanks,
James
On 4/10/16, 4:52 PM, "Debojyoti Dutta" wrote:
>Hi Nick
>
>I like your suggestions. For the enrichment layer do you think it would also
ssing (Bro log, pcap, etc.
>access). Of course, this is very sensitive stuff, highly
>compartmentalized, and somewhat dynamic (subnets fluctuate on a weekly
>basis), so it needs to be server side access control.
>
>Happy to discuss further,
>
>Jon
>
>On Sun, Apr 10, 2016, 1
I would put integration test framework into common (since all modules share
this). I would also put a unit test framework that other projects can extend
into common as well. I would then have each individual module extend the
frameworks from common. I don’t think I would want the tests
Hi Chokha,
Welcome to the community. Which part of Metron most interests you? What kinds
of features would you like to work on?
Thanks,
James
On 4/10/16, 2:04 PM, "Chokha Palayamkottai" wrote:
>Hello,
>
>My name is Chokha and I would like to contribute to
Hi Guys,
As a community we probably need to tackle the question of how we handle multi
tenancy with Metron and John is already starting to ask the right questions. I
wanted to open this up for a community discussion. What does multi tenancy
mean to you and ideally how would you like Metron
Hi Nick,
Threat intel is almost like an enrichment. A telemetry feed gets
cross-referenced against a threat intel feed (think pivot tables), but threat
intel in itself is not a telemetry. Metron’s storm topologies parse out
individual attributes from telemetries like IDS alerts, OS logs,
bolt (METRON-65 ?) among
>other things. Data loads and deployment scripts interests me as well.
>
>Best,
>Chokha.
>
>
>
>On 4/10/16 5:34 PM, James Sirota wrote:
>> Hi Chokha,
>>
>> Welcome to the community. Which part of Metron most interests you? What
>
Great, thanks, Debo. Where can I find instructions on how to get to it?
Thanks,
James
On 4/11/16, 9:41 AM, "Debo Dutta (dedutta)" <dedu...@cisco.com> wrote:
>Hi James
>
>Ok set it up and ack …..
>
>Thx
>
>
>
>
>
>On 4/10/16, 6:31 PM, "
Github user james-sirota closed the pull request at:
https://github.com/apache/incubator-metron/pull/60
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
GitHub user james-sirota opened a pull request:
https://github.com/apache/incubator-metron/pull/60
Adding travis stuff
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/james-sirota/incubator-metron master
Alternatively you can
Github user james-sirota closed the pull request at:
https://github.com/apache/incubator-metron/pull/61
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
Small correction on the validation instructions. For Step 1, execute the mvn
command from incubator-metron/ and not incubator-metron/metron-streaming/
Thanks,
James
On 3/22/16, 3:56 PM, "James Sirota" <jsir...@hortonworks.com> wrote:
>
>A tag has been created
Metron
Metron integrates a variety of open source big data technologies
in order to offer a centralized tool for security monitoring and analysis.
Metron
provides capabilities for log aggregation, full packet capture indexing,
storage,
advanced behavioral analytics and data enrichment, while
+ 1 (binding)
On 3/30/16, 8:58 AM, "James Sirota" <jsir...@hortonworks.com> wrote:
>This is a call to vote on releasing Apache Metron 0.1BETA-RC6
>
>Full list of changes in this release:
>
>https://dist.apache.org/repos/dist/dev/incubator/metron/0.1BETA-RC
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/62#issuecomment-202254606
Thanks for the contribution. Will verify shortly
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub
ughts?
>
>Ryan Merriman
>
>
>On 4/11/16, 4:15 PM, "Debojyoti Dutta" <ddu...@gmail.com> wrote:
>
>>If you load up your Irc client just type
>>/join #apache-metron-dev
>>
>>Sent from my iPhone
>>
>>> On Apr 11, 2016, at 12:06 PM,
>>3. Size of each workers (in memory)?
>>4. Supervisor memory settings
>>
>>The assessment tool should also be used to size topologies correctly as
>>well.
>>
>>Tuning Kafka, Hbase and Solr/Elastic should also be governed by the Metron
>>assessment tool
Hi Guys,
I think Metron is intended for the security use case and there is no community
discussion as far as I am aware to take it into a more general direction. I
personally think Metron needs to stay security focused and focus on it’s
mission at hand. I think the logo needs to communicate
I’m going to be there!
On 4/26/16, 3:01 AM, "George Vetticaden" wrote:
>We are planning a Metron Meetup near DC on 5/4. If you are in the area, please
>join us.
>Here is the info:
>http://www.meetup.com/futureofdata-arlington/events/230498228/
>
>
The code-level documentation should live in Github. Architecture and
high-level documentation should live on the Wiki. The Wiki should be the entry
point for anyone to get familiar with the project and should reference the
Github docs for low-level details. This is the intent with the docs
t;
>
>
> Mobile: (831) 521-4176<tel:(831)%20521-4176>
> hliv...@hortonworks.com<mailto:hliv...@hortonworks.com>
>
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
I’ll try to make it
On 5/3/16, 7:17 AM, "Houshang Livian" wrote:
>Hey Team,
>
>Let’s get together this Thursday to discuss some future facing ideas for the
>next generation of Metron’s Interface.
>
>The UI Requirements Meeting has changed platforms from WebEx to
Github user james-sirota commented on the pull request:
https://github.com/apache/incubator-metron/pull/101#issuecomment-216906351
+ 1, was able to pull down a VM
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your
gt;sets at the assessment tool, it builds metrics on the input (for example:
>count the number of packets per second) and then we use those metrics to
>estimate cluster size.
>
>On Wed, Apr 13, 2016 at 5:45 PM, James Sirota <jsir...@hortonworks.com>
>wrote:
>
>> That
I don’t think it’s terrible, but it’s not reflective of what Metron is about.
I think it needs to be something security analytics related
On 4/15/16, 10:10 AM, "Dave Hirko" wrote:
>+1 (its terrible)
>
>Dave Hirko | d...@b23.io | 571.421.7729
>
>
>
>
>
>
>
>
>On 4/15/16, 1:09
George,
Thanks for the contribution. This is great. Going forward I think we’ll need
to make these instructions more generic, but this is a great start
Thanks,
James
On 4/15/16, 9:31 AM, "George Vetticaden" wrote:
>I have goten a lot of questions/interests
Hi Guys,
As we are picking up more community members I think we need to start tagging
Jira’s with “complexity labels” and building up a pool of Jiras that newbies
can work on. I wanted to open this up to the community to see how we wanted to
handle that. What should these labels be and how
>>
>>Thanks,
>>Frank Lu
>>
>>
>>
>>
>>On 4/18/16, 3:05 PM, "Ryan Merriman" <rmerri...@hortonworks.com> wrote:
>>
>>>All,
>>>
>>>I put together a list of all the project java assets that detai
#1 does look like Metaspoit, but I think that’s the right direction. It’s sort
of security(ish). I’d like to dig into that some more
On 4/18/16, 12:22 PM, "zeo...@gmail.com" wrote:
>The first looks a little to close to Metasploit for my comfort. I have no
>opinion on
for n-sized time
bins. What specific requirements do you have in mind?
Thanks,
James
12.07.2016, 14:41, "zeo...@gmail.com" <zeo...@gmail.com>:
> I can definitely give it a shot. A kickstart would be appreciated.
>
> Jom
>
> On Tue, Jul 12, 2016, 17:17 James Si
> - To understand Netflow rates, it would watch for Netflow packets
>> and
>> > > count those.
>> > > - To understand sizing around application logs, a sensor would watch
>> > for
>> > > Syslog packets and count those.
>> > >
>>
Vote passes with 4 binding +1s:
James Sirota
Ryan Merriman
Casey Stella
Debo Dutta
There were no -1s.
Thanks to everyone who voted. Will advance to incubator vote
25.07.2016, 07:39, "Ryan Merriman" <rmerri...@hortonworks.com>:
> +1
>
> On 7/25/16, 9:32 AM, "Cas
to the
> Metron in field of Data Science(Statistical and Machine Learning). Can some
> one help me provide data and quick instructions on how I can be of help.
>
> Thanks,
> Jeevan
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/205
+1 i got this to work in quickdev
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/205
great job by the way. this looks great
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have
+1 from me
20.07.2016, 11:37, "James Sirota" <jsir...@hortonworks.com>:
> This release is exactly the same as RC2, but the Mozilla licensed file was
> removed so it doesn’t cause problems for us on the incubator general boards.
> We no longer use it so we just remov
This release is exactly the same as RC2, but the Mozilla licensed file was
removed so it doesn’t cause problems for us on the incubator general boards.
We no longer use it so we just removed it.
This is a call to vote on releasing Apache Metron 0.2.0BETA-RC3 incubating
Full list of changes in
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/190
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
Github user james-sirota commented on the issue:
https://github.com/apache/incubator-metron/pull/186
+1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so
ty comment on the JIRA (
> https://issues.apache.org/jira/browse/METRON-265). The proposed
> architecture is attached as a document to that JIRA.
>
> I look forward to feedback!
>
> Best,
>
> Casey
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
ntors should review reports for their project(s) and sign them off on
> the Incubator wiki page. Signing off reports shows that you are
> following the project - projects that are not signed may raise alarms
> for the Incubator PMC.
>
> Incubator PMC
---
Thank you,
James Sirota
PPMC- Apache Metron (Incubating)
jsirota AT apache DOT org
1 - 100 of 313 matches
Mail list logo