[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 I am seeing another issue that may or may not be related. It seems that when I am using the "group by" functionality, I cannot see meta-alerts at all. (1) If I am not using the "group

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user merrimanr commented on the issue: https://github.com/apache/metron/pull/811 @nickwallen suppose you have a metaalert that contains 2 alerts. Then suppose each alert has a different value for the host field. If you grouped on host, which group would you expect the

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 > I find that extremely confusing as a user of the tool. To explain that a bit more (and continuing with that same basic example)... As a user I created a meta-alert where the

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 > @nickwallen suppose you have a metaalert that contains 2 alerts. Then suppose each alert has a different value for the host field. If you grouped on host, which group would you expect the

Re: Stellar support for switch/case style conditionals

What I would like to do for the first PR is introduce match with the following syntax match{ logical expression : transformation expression, ….. , default : transformation expression} Such that the following work for example: @Test public void testMatch() {

[GitHub] metron issue #803: Metron-1252: Build ui for grouping alerts into meta alert...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/803 I was testing #811 along with the changes in this PR and noted an issue. It appears that the UI does not refresh itself after a meta-alert is created. 1. First, I isolate 10 alerts with

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user merrimanr commented on the issue: https://github.com/apache/metron/pull/811 I believe excluding metaalerts from the group by view is the desired behavior. ---

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 @james-sirota I find that extremely confusing as a user of the tool. We need to document that fact and some reasoning behind it at the very least. ---

[GitHub] metron issue #803: Metron-1252: Build ui for grouping alerts into meta alert...

Github user iraghumitra commented on the issue: https://github.com/apache/metron/pull/803 I added a single test case which covers the entire workflow of meta-alert. I couldn't think of a way to decompose it into smaller cases without making them dependent on each other. Any

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user james-sirota commented on the issue: https://github.com/apache/metron/pull/811 @nickwallen what you are looking at is a desired behavior. If the alerts are a part of the meta alert they do not appear in the facets ---

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user james-sirota commented on the issue: https://github.com/apache/metron/pull/811 @nickwallen to avoid scope creep on this PR I created a follow-on PR to figure out how to represent meta alerts in the facet panel. https://issues.apache.org/jira/browse/METRON-1276 I

[GitHub] metron pull request #811: METRON-1272: Hide child alerts from searches and g...

Github user justinleet closed the pull request at: https://github.com/apache/metron/pull/811 ---

[GitHub] metron pull request #811: METRON-1272: Hide child alerts from searches and g...

GitHub user justinleet reopened a pull request: https://github.com/apache/metron/pull/811 METRON-1272: Hide child alerts from searches and grouping if they belong to meta alerts ## Contributor Comments Adds the ability to hide alerts already contained in a meta alert from

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user justinleet commented on the issue: https://github.com/apache/metron/pull/811 Kick Travis ---

[GitHub] metron issue #813: METRON-1274: Master has failure in StormControllerIntegra...

Github user merrimanr commented on the issue: https://github.com/apache/metron/pull/813 Fixed the other failure at `SensorParserConfigControllerIntegrationTest.test:294`. ---

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 Another thing I noticed is that there does not seem to be a way to retrieve meta-alerts that you have created. For example, I created a meta-alert where `host:ip-addr.es`. Assuming we

[GitHub] metron pull request #803: Metron-1252: Build ui for grouping alerts into met...

Github user iraghumitra commented on a diff in the pull request: https://github.com/apache/metron/pull/803#discussion_r146205224 --- Diff: metron-interface/metron-alerts/src/app/alerts/meta-alerts/meta-alerts.component.ts --- @@ -0,0 +1,101 @@ +/** + * Licensed to the

[GitHub] metron pull request #812: METRON-1273: Website documentation link should poi...

GitHub user JonZeolla opened a pull request: https://github.com/apache/metron/pull/812 METRON-1273: Website documentation link should point to the current site-book ## Contributor Comments Changed a link on the website. Tested by following the steps

[GitHub] metron issue #774: METRON-1212 The bundle system and maven plugin

Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/774 @nickwallen are you still looking at this? ---

[GitHub] metron issue #774: METRON-1212 The bundle system and maven plugin

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/774 > @nickwallen: I have just started into this, but seems like I can create a bundle using the Maven plugin with this PR, right? > @ottobackwards: yes you can This was more of a leading

[GitHub] metron pull request #811: METRON-1272: Hide child alerts from searches and g...

GitHub user justinleet opened a pull request: https://github.com/apache/metron/pull/811 METRON-1272: Hide child alerts from searches and grouping if they belong to meta alerts ## Contributor Comments Adds the ability to hide alerts already contained in a meta alert from

[DISCUSS] Release Process Update

Today I was poking around the Metron site and documentation, and I noticed that the site-book's travis build status image is pointing to master for all of our releases. We should probably update the release process to pin this

[GitHub] metron pull request #803: Metron-1252: Build ui for grouping alerts into met...

Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/803#discussion_r146265654 --- Diff: metron-interface/metron-alerts/e2e/alerts-list/tree-view/tree-view.e2e-spec.ts --- @@ -175,7 +175,7 @@ describe('metron-alerts tree view',

[GitHub] metron pull request #803: Metron-1252: Build ui for grouping alerts into met...

Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/803#discussion_r146265870 --- Diff: metron-interface/metron-alerts/src/app/alerts/meta-alerts/meta-alerts.component.ts --- @@ -0,0 +1,101 @@ +/** + * Licensed to the

[GitHub] metron issue #774: METRON-1212 The bundle system and maven plugin

Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/774 @nickwallen I am doing some functional testing, but I'm not comfortable enough with it to give a full +1 on my own. When I'm done I will report back. ---

Re: [DISCUSS] Release Process Update

I'd argue it shouldn't be in the site-book at all. Presumably we aren't releasing while Travis is broken, so it's not useful information for anyone looking at docs. It just carries over from the main README. Seems like we should just scrub it when we do the other fixes to the READMEs to make them

[GitHub] metron pull request #803: Metron-1252: Build ui for grouping alerts into met...

Github user merrimanr commented on a diff in the pull request: https://github.com/apache/metron/pull/803#discussion_r146267005 --- Diff: metron-interface/metron-alerts/src/app/service/update.service.ts --- @@ -38,22 +41,27 @@ export class UpdateService {

Master build failures in Travis

See: METRON-1274 and https://travis-ci.org/apache/metron/builds An example failure is https://travis-ci.org/apache/metron/builds/290806887 This is possibly intermittent and possibly a result of METRON-1241

Re: Master build failures in Travis

Yeah, that could be a consequence. With the cache in place, the calls to delete are async. This isn't generally a problem in an actual installation, but in the integration tests, it can take some time to sync up (depending on the load). I ran it 20 or so times teasing these out, but it's never

[GitHub] metron pull request #813: METRON-1274: Master has failure in StormController...

GitHub user merrimanr opened a pull request: https://github.com/apache/metron/pull/813 METRON-1274: Master has failure in StormControllerIntegrationTest ## Contributor Comments This PR fixes an intermittently failing integration test. I believe the root cause is the test is

Re: Master build failures in Travis

Looks like Ryan got there first, which is awesome. Thanks for cleaning up my mess :) On Mon, Oct 23, 2017 at 10:04 AM, Casey Stella wrote: > Yeah, that could be a consequence. With the cache in place, the calls to > delete are async. This isn't generally a problem in an

[GitHub] metron issue #813: METRON-1274: Master has failure in StormControllerIntegra...

Github user cestella commented on the issue: https://github.com/apache/metron/pull/813 Could you also add an `assertEventually` to `SensorParserConfigControllerIntegrationTest.test:294` ? Looks like it also failed in https://travis-ci.org/apache/metron/builds/290806887

[GitHub] metron issue #687: METRON-1090 Add Assignment to Stellar Language

Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/687 Is this ready for review? If so, can you deconflict? ---

[GitHub] metron pull request #813: METRON-1274: Master has failure in StormController...

Github user cestella commented on a diff in the pull request: https://github.com/apache/metron/pull/813#discussion_r146276684 --- Diff: metron-interface/metron-rest/src/test/java/org/apache/metron/rest/controller/StormControllerIntegrationTest.java --- @@ -187,9 +187,9 @@ public

[GitHub] metron issue #796: METRON-1224: Add time range selection to search control

Github user iraghumitra commented on the issue: https://github.com/apache/metron/pull/796 @merrimanr can you clear browser cache and try? There is a change in save query model my bad I missed mentioning it. ---

[GitHub] metron issue #796: METRON-1224: Add time range selection to search control

Github user james-sirota commented on the issue: https://github.com/apache/metron/pull/796 A few things didn't work for me. First, when I select a time range of (t-x minutes) the start and end time does not fill in per screen shot below.

[GitHub] metron issue #811: METRON-1272: Hide child alerts from searches and grouping...

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/811 It appears to me that the alerts contained within a meta-alert are not contributing to the facet counts returned by a search request. I think we still do want that to happen. Let me explain

Re: [DISCUSS] Release Process Update

I agree with Justin. This micro-feature is intended as a github widget, which causes the top-level README to give all viewers an immediate flag whether the build is healthy or not. It does not belong in a rendered site-book. Removing the widget during site-book build, can be done with a

[GitHub] metron issue #767: METRON-1196 Increment master version number to 0.4.2 for ...

Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/767 +1 ---

[GitHub] metron issue #796: METRON-1224: Add time range selection to search control

Github user iraghumitra commented on the issue: https://github.com/apache/metron/pull/796 @merrimanr plz find my replies - when I open the date/time range picker why does it say "now/d"? I would expect just "now" or "Now" - Changed to now - when I first navigate to the Alerts

[GitHub] metron issue #690: METRON-1091 Package STELLAR shell as stand alone

Github user ottobackwards commented on the issue: https://github.com/apache/metron/pull/690 Sorry , it has been a while, I'll try to get it set ---

[GitHub] metron issue #774: METRON-1212 The bundle system and maven plugin

Github user nickwallen commented on the issue: https://github.com/apache/metron/pull/774 Sounds good @JonZeolla thanks ---

[GitHub] metron issue #690: METRON-1091 Package STELLAR shell as stand alone

Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/690 Can you deconflict? I'd like to retest and review your questions again, but at a quick glance I think my prior suggestions stand, and for your NOTICE question, I'm not sure. ---

[GitHub] metron issue #767: METRON-1196 Increment master version number to 0.4.2 for ...

Github user mattf-horton commented on the issue: https://github.com/apache/metron/pull/767 @ottobackwards , yup. So is that a +1 regarding commit? :-) ---