Yup, your first paragraph is exactly right. Jon
On Fri, Sep 7, 2018 at 1:23 PM Michael Miklavcic < michael.miklav...@gmail.com> wrote: > I'm a little rusty on my C++, but to summarize what I've gathered from this > thread and linked code: The Bro plugin infrastructure does not support a > patch version currently, only major.minor (x.y). But bro-pkg, the bro > package installation mechanism, does support it now. Which is unfortunately > moot bc unlike other 3rd party scripts that can support vX.Y.Z, this is a > plugin and the API does not support the 'Y'. > > I think I'm in favor of keeping X.Y (0.2) for now. I would urge this > approach by comparison to calculating significant figures - if my tooling > is only able to calculate 2 decimal places, e.g. 1.23, I shouldn't be > recording 1.230 or 1.230000 as this isn't reflective of the tool's actual > fidelity. Likewise, the Bro plugin API doesn't allow X.Y.Z right now, only > X.Y per Jon's comments. Not strictly speaking an apples to apples > comparison, but it's a justifiable approach imho. Once the plugin > infrastructure supports it, we can add the extra patch version to reflect > this additional available state info. > > Best, > Mike > > > On Thu, Sep 6, 2018 at 7:34 PM zeo...@gmail.com <zeo...@gmail.com> wrote: > > > I'm not aware of the bro plugin artifacts being used in any way. > > > > Jon > > > > On Thu, Sep 6, 2018, 10:59 Justin Leet <justinjl...@gmail.com> wrote: > > > > > Do we use the artifacts directly at all? Or is it through bro-pkg only? > > > > > > Also, It's very possible I'm making a mountain out of a molehill here, > > and > > > if it's something that's not particularly important, it might be > > worthwhile > > > to just stick with what we did last time, and just table this > discussion > > > until post release. It feels pretty nitpicky at this point, and if the > > > practical implications are pretty minor, I'd rather just get an RC out. > > > > > > On Thu, Sep 6, 2018 at 10:02 AM zeo...@gmail.com <zeo...@gmail.com> > > wrote: > > > > > > > Either is fine with me. If it's x.y in some parts of the app I > prefer > > to > > > > keep it consistent throughout, but I'm also fine with lining up with > > > > Apache/Metron where we can. > > > > > > > > I also refreshed myself on why we avoided x.y.z initially and it was > > > > actually for this exact reason, we wanted consistent versioning > > > throughout > > > > a repo. This issue is with the bro plugins themselves, not bro-pkg, > > so I > > > > submit a JIRA <https://bro-tracker.atlassian.net/browse/BIT-1985>. > > > > > > > > Jon > > > > > > > > > > > > On Wed, Sep 5, 2018, 21:51 Justin Leet <justinjl...@gmail.com> > wrote: > > > > > > > > > Makes sense. Do we have any objection to just going to the artifact > > > being > > > > > 0.2? Or do we want to keep the mixed versioning and just live with > > it, > > > > at > > > > > least for now? > > > > > > > > > > On Wed, Sep 5, 2018 at 8:58 PM zeo...@gmail.com <zeo...@gmail.com> > > > > wrote: > > > > > > > > > > > I think mattf-horton just did that as a part of convention. He > > > handled > > > > > > that part, and I did the 0.1 tagging (as a prereq to this > > > > > > < > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/metron/commit/2e78df67c12a6fcad726551128e9753ad36d5ee9#diff-8e3bdd364219306b1fad91047208e6e4R30 > > > > > > >) > > > > > > last time the package was released. > > > > > > > > > > > > Jon > > > > > > > > > > > > On Wed, Sep 5, 2018 at 8:28 PM Justin Leet < > justinjl...@gmail.com> > > > > > wrote: > > > > > > > > > > > > > Any idea why we released it as 0.1.0 in the artifacts version? > > I'm > > > > > fine > > > > > > > with doing x.y if we need to, but I would like the artifact > > > > versioning > > > > > to > > > > > > > be consistent if possible. > > > > > > > > > > > > > > On Wed, Sep 5, 2018 at 8:26 PM zeo...@gmail.com < > > zeo...@gmail.com> > > > > > > wrote: > > > > > > > > > > > > > > > I lied, we didn't need to update our btests because it's > > limited > > > > to a > > > > > > > major > > > > > > > > and minor version. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/src/Plugin.cc#L33-L34 > > > > > > > > > > > > > > > > Jon > > > > > > > > > > > > > > > > On Wed, Sep 5, 2018 at 8:10 PM zeo...@gmail.com < > > > zeo...@gmail.com> > > > > > > > wrote: > > > > > > > > > > > > > > > > > I looked into x.y.z back when we released 0.1 and it was > not > > > > > possible > > > > > > > in > > > > > > > > > bro-pkg at the time but now it is > > > > > > > > > <https://github.com/bro/package-manager/issues/32>. In > > order > > > to > > > > > do > > > > > > > > this, > > > > > > > > > we'll also need to configure bro-pkg.meta to require the > > proper > > > > > > version > > > > > > > > of > > > > > > > > > bro-pkg, as well as update the btests for the new version > > > string. > > > > > I > > > > > > > will > > > > > > > > > throw together a JIRA and PR to do all this in case we > decide > > > to > > > > > > align > > > > > > > > with > > > > > > > > > x.y.z; we can trash it if we decide to stay with x.y. > > > > > > > > > > > > > > > > > > Jon > > > > > > > > > > > > > > > > > > On Wed, Sep 5, 2018 at 7:35 PM Justin Leet < > > > > justinjl...@gmail.com> > > > > > > > > wrote: > > > > > > > > > > > > > > > > > >> Long story short, while preparing the release candidate, I > > > > > > discovered > > > > > > > > our > > > > > > > > >> metron-bro-plugin-kafka is inconsistently versioned. > > > > > > > > >> > > > > > > > > >> In the repo, it's x.y (e.g. 0.2) > > > > > > > > >> See: > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://github.com/apache/metron-bro-plugin-kafka/blob/master/VERSION#L18 > > > > > > > > >> > > > > > > > > >> In our released artifact, it's x.y.z (e.g. 0.1.0) > > > > > > > > >> See http://archive.apache.org/dist/metron/0.4.2/ > > > > > > > > >> > > > > > > > > >> Going forward from this release, I'd like the artifact to > be > > > > > > > consistent > > > > > > > > >> with the repo. I'd personally prefer x.y.z to be entirely > > > > > > consistent > > > > > > > > >> throughout Metron, but if there's a particular reason why > it > > > was > > > > > x.y > > > > > > > I'm > > > > > > > > >> happy to entertain it. > > > > > > > > >> > > > > > > > > >> If we choose to move to x.y.z, I can provide a PR to > update > > > the > > > > > > > version > > > > > > > > to > > > > > > > > >> 0.2.0 unless someone else wants to volunteer. Otherwise, > I'd > > > > like > > > > > to > > > > > > > > >> release the artifact as > > > > apache-metron-bro-plugin-kafka_0.2.tar.gz > > > > > > > > >> > > > > > > > > >> Justin > > > > > > > > >> > > > > > > > > >> On Tue, Sep 4, 2018 at 12:15 PM Justin Leet < > > > > > justinjl...@gmail.com> > > > > > > > > >> wrote: > > > > > > > > >> > > > > > > > > >> > As an update, I'll be working on starting the release > > > process > > > > > > > rolling > > > > > > > > >> > today. The PCAP Query panel feature branch is in master > > and > > > I > > > > > > > haven't > > > > > > > > >> heard > > > > > > > > >> > of any other potential blockers. I'd appreciate everyone > > > > > updating > > > > > > > > their > > > > > > > > >> > JIRAs with their state (complete, etc.) and version > > (0.6.0) > > > as > > > > > > > needed. > > > > > > > > >> > > > > > > > > > >> > Do we have anything that needs to go into the > UPGRADING.md > > > > file? > > > > > > > > >> > > > > > > > > > >> > A PR is out for updating the version from 0.5.1 to > 0.6.0. > > > > Please > > > > > > see > > > > > > > > >> > https://github.com/apache/metron/pull/1183. I still > need > > to > > > > > spin > > > > > > up > > > > > > > > >> full > > > > > > > > >> > dev etc. before this is ready to be merged. > > > > > > > > >> > > > > > > > > > >> > Updated list of PRs that have made it into master as of > > Sept > > > > 4, > > > > > > 2018 > > > > > > > > >> > > > > > > > > > >> > 6 days ago METRON-1751 Storm Profiler dies when > consuming > > > null > > > > > > > message > > > > > > > > >> > (nickwallen) closes apache/metron#1176 > > > > > > > > >> > 6 days ago METRON-1757 Storm Profiler Serialization > > > Exception > > > > > > > > >> (nickwallen) > > > > > > > > >> > closes apache/metron#1178 > > > > > > > > >> > 6 days ago METRON-1743 CEF testPaloAltoCEF test using a > > > > > confusing > > > > > > > > >> variable > > > > > > > > >> > name (JonZeolla via justinleet) closes > apache/metron#1173 > > > > > > > > >> > 8 days ago METRON-1752 Prevent package.lock from > changing > > > > during > > > > > > > build > > > > > > > > >> > (sardell via merrimanr) closes apache/metron#1177 > > > > > > > > >> > 8 days ago METRON-1724 Date/time validation missing in > > PCAP > > > > > query > > > > > > > > >> (tiborm > > > > > > > > >> > via nickwallen) closes apache/metron#1172 > > > > > > > > >> > 3 weeks ago METRON-1554 Pcap Query Panel (merrimanr) > > closes > > > > > > > > >> > apache/metron#1169 > > > > > > > > >> > 3 weeks ago METRON-1739 UDP packets are not handled > > > > (merrimanr) > > > > > > > closes > > > > > > > > >> > apache/metron#1168 > > > > > > > > >> > 3 weeks ago METRON-1727: Alerts are not populated on the > > > > alerts > > > > > UI > > > > > > > > after > > > > > > > > >> > enabling X-pack for Elastic search (MohanDV via > mmiklavc) > > > > closes > > > > > > > > >> > apache/metron#1141 > > > > > > > > >> > 3 weeks ago METRON-1738: Pcap directories should have > > > correct > > > > > > > > >> permissions > > > > > > > > >> > (merrimanr via mmiklavc) closes apache/metron#1166 > > > > > > > > >> > 3 weeks ago METRON-1737: Document Job cleanup (merrimanr > > via > > > > > > > mmiklavc) > > > > > > > > >> > closes apache/metron#1164 > > > > > > > > >> > 3 weeks ago METRON-1732: Fix job status liveness bug and > > > > > > parallelize > > > > > > > > >> > finalizer file writing (mmiklavc via mmiklavc) closes > > > > > > > > apache/metron#1157 > > > > > > > > >> > 3 weeks ago METRON-1735 Empty print status option causes > > NPE > > > > > > > > (merrimanr) > > > > > > > > >> > closes apache/metron#1160 > > > > > > > > >> > 3 weeks ago METRON-1733 PCAP UI - PCAP queries > don't > > > work > > > > > on > > > > > > > > Safari > > > > > > > > >> > (sardell via merrimanr) closes apache/metron#1158 > > > > > > > > >> > 3 weeks ago METRON-1734 Src and Dst port filters are > > > incorrect > > > > > > after > > > > > > > > >> > changing to empty (merrimanr) closes apache/metron#1159 > > > > > > > > >> > 4 weeks ago METRON-1725 Add ability to specify YARN > queue > > > for > > > > > pcap > > > > > > > > jobs > > > > > > > > >> > (merrimanr) closes apache/metron#1153 > > > > > > > > >> > 4 weeks ago METRON-1731: PCAP - Escape colons in output > > dir > > > > > names > > > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1155 > > > > > > > > >> > 4 weeks ago METRON-1702 Reload a running job in the UI > > > > > (merrimanr) > > > > > > > > >> closes > > > > > > > > >> > apache/metron#1156 > > > > > > > > >> > 4 weeks ago METRON-1722 PcapCLI should print progress to > > > > stdout > > > > > > > > >> > (merrimanr) closes apache/metron#1138 > > > > > > > > >> > 4 weeks ago Merge branch 'master' into > > > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > > > >> > 4 weeks ago METRON-1728: Handle null values in config in > > > Pcap > > > > > > > backend > > > > > > > > >> more > > > > > > > > >> > gracefully (mmiklavc via mmiklavc) closes > > apache/metron#1151 > > > > > > > > >> > 4 weeks ago METRON-1730: Update steps to run pycapa on > > > Centos > > > > 6 > > > > > > > > >> (mmiklavc > > > > > > > > >> > via mmiklavc) closes apache/metron#1152 > > > > > > > > >> > 4 weeks ago METRON-1713 PCAP UI - Add a way to kill a > pcap > > > job > > > > > > > (tiborm > > > > > > > > >> via > > > > > > > > >> > merrimanr) closes apache/metron#1143 > > > > > > > > >> > 4 weeks ago METRON-1723 PCAP UI - Unable to select/copy > > from > > > > > > packets > > > > > > > > >> > details in PCAP query panel (sardell via merrimanr) > closes > > > > > > > > >> > apache/metron#1139 > > > > > > > > >> > 4 weeks ago METRON-1712 PCAP UI - Input validation > (tiborm > > > via > > > > > > > > >> merrimanr) > > > > > > > > >> > closes apache/metron#1142 > > > > > > > > >> > 4 weeks ago METRON-1720 Better error messages when there > > are > > > > no > > > > > > > > results > > > > > > > > >> or > > > > > > > > >> > wireshark is not installed (merrimanr) closes > > > > apache/metron#1154 > > > > > > > > >> > 4 weeks ago METRON-1726: Refactor > > > PcapTopologyIntegrationTest > > > > > > > > (mmiklavc > > > > > > > > >> > via mmiklavc) closes apache/metron#1140 > > > > > > > > >> > 4 weeks ago METRON-1683 PCAP UI - Fix the download > > progress > > > > bar > > > > > > > > (sardell > > > > > > > > >> > via merrimanr) closes apache/metron#1122 > > > > > > > > >> > 4 weeks ago METRON-1675 PCAP UI - Introduce the paging > > > > > capability > > > > > > > > >> (sardell > > > > > > > > >> > via merrimanr) closes apache/metron#1121 > > > > > > > > >> > 4 weeks ago METRON-1721 New default input path is wrong > in > > > > pcap > > > > > > CLI > > > > > > > > >> > (merrimanr) closes apache/metron#1137 > > > > > > > > >> > 4 weeks ago Merge branch 'master' into > > > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > > > >> > 4 weeks ago METRON-1676 PCAP UI - Add data range > selector > > to > > > > the > > > > > > > > filter > > > > > > > > >> > bar (tiborm via merrimanr) closes apache/metron#1119 > > > > > > > > >> > 5 weeks ago METRON-1662 PCAP UI - Downloading PCAP page > > > files > > > > > > > (tiborm > > > > > > > > >> via > > > > > > > > >> > merrimanr) closes apache/metron#1118 > > > > > > > > >> > 5 weeks ago METRON-1700 Create REST endpoint to get job > > > > > > > configuration > > > > > > > > >> > (merrimanr) closes apache/metron#1135 > > > > > > > > >> > 5 weeks ago METRON-1671 Create PCAP UI (tiborm via > > > merrimanr) > > > > > > closes > > > > > > > > >> > apache/metron#1103 > > > > > > > > >> > 5 weeks ago METRON-1701 Update General notes on the > > > > installation > > > > > > of > > > > > > > > >> Pycapa > > > > > > > > >> > on Kerberized cluster (MohanDV via nickwallen) closes > > > > > > > > apache/metron#1136 > > > > > > > > >> > 6 weeks ago METRON-1650 Packaging docker containers are > > too > > > > > large > > > > > > > > >> > (jameslamb via merrimanr) closes apache/metron#1091 > > > > > > > > >> > 6 weeks ago METRON-1604 : Add RHEL 7 power pc to OS > family > > > for > > > > > the > > > > > > > HCP > > > > > > > > >> > management pack repo info closes > > > apache/incubator-metron#1052 > > > > > > > > >> > 6 weeks ago Merge branch 'master' into > > > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > > > >> > 6 weeks ago METRON-1687: Upgrade the rat plugin to > > > > 0.13-SNAPSHOT > > > > > > > > closes > > > > > > > > >> > apache/incubator-metron#1126 > > > > > > > > >> > 6 weeks ago METRON-1694: Clean up Metron REST docs > closes > > > > > > > > >> > apache/incubator-metron#1131 > > > > > > > > >> > 6 weeks ago METRON-1691: REST should limit the number of > > > Pcap > > > > > > jobs a > > > > > > > > >> user > > > > > > > > >> > can submit (merrimanr via mmiklavc) closes > > > apache/metron#1129 > > > > > > > > >> > 6 weeks ago METRON-1693: Fix Pcap CLI local FS finalizer > > > > > (mmiklavc > > > > > > > via > > > > > > > > >> > mmiklavc) closes apache/metron#1130 > > > > > > > > >> > 6 weeks ago METRON-1690: Add more context to PcapJob > > > JobStatus > > > > > > > > (mmiklavc > > > > > > > > >> > via mmiklavc) closes apache/metron#1128 > > > > > > > > >> > 6 weeks ago METRON-1661 Create Pcap Query Filter > endpoint > > > > > > > (merrimanr) > > > > > > > > >> > closes apache/metron#1125 > > > > > > > > >> > 6 weeks ago METRON-1560 Update MPack to support Pcap > panel > > > > > > > (merrimanr) > > > > > > > > >> > closes apache/metron#1124 > > > > > > > > >> > 7 weeks ago METRON-1606 Add a 'wrap' to > incoming > > > > > > messages > > > > > > > in > > > > > > > > >> the > > > > > > > > >> > metron json parser (ottobackwards) closes > > apache/metron#1054 > > > > > > > > >> > 7 weeks ago METRON-1562 Enable Kerberos in REST for YARN > > and > > > > MR > > > > > > jobs > > > > > > > > >> > (merrimanr) closes apache/metron#1094 > > > > > > > > >> > 7 weeks ago Merge branch 'master' into > > > > > > > > >> feature/METRON-1554-pcap-query-panel > > > > > > > > >> > 7 weeks ago METRON-1685 Retrieve Pcap results in raw > > binary > > > > > format > > > > > > > > >> > (merrimanr) closes apache/metron#1123 > > > > > > > > >> > 7 weeks ago METRON-1638 Retrieve Pcap results in pdml > > format > > > > > > > > (merrimanr) > > > > > > > > >> > closes apache/metron#1120 > > > > > > > > >> > 7 weeks ago METRON-1686 Create stop job endpoint for > Pcap > > > > > queries > > > > > > > > >> > (mmiklavc via merrimanr) closes apache/metron#1115 > > > > > > > > >> > 7 weeks ago METRON-1674 Create REST endpoint for job > > status > > > > > > > > abstraction > > > > > > > > >> > (merrimanr) closes apache/metron#1109 > > > > > > > > >> > 7 weeks ago METRON-1672 Add metron-alerts's UI unit > > > tests > > > > > to > > > > > > > > travis > > > > > > > > >> > build process (justinleet) closes apache/metron#1106 > > > > > > > > >> > 7 weeks ago METRON-1614: Create job status abstraction > > > > (mmiklavc > > > > > > via > > > > > > > > >> > mmiklavc) closes apache/metron#1108 > > > > > > > > >> > 7 weeks ago METRON-1684 Fix Markdown problems in > > > > > 3rdPartyParser.md > > > > > > > > >> > (justinleet) closes apache/metron#1110 > > > > > > > > >> > 7 weeks ago METRON-1657 Parser aggregation in storm > > > > (justinleet) > > > > > > > > closes > > > > > > > > >> > apache/metron#1099 > > > > > > > > >> > 7 weeks ago METRON-1651 Fixing failing protractor e2e > test > > > > > (tiborm > > > > > > > via > > > > > > > > >> > merrimanr) closes apache/metron#1095 > > > > > > > > >> > 7 weeks ago METRON-1673 Fix Javadoc errors (justinleet) > > > closes > > > > > > > > >> > apache/metron#1107 > > > > > > > > >> > 7 weeks ago METRON-1620: Fixes for forensic clustering > use > > > > case > > > > > > > > example > > > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > > > > > >> > 7 weeks ago METRON-1659: The platform-info.sh should > check > > > for > > > > > the > > > > > > > > >> vagrant > > > > > > > > >> > hostmanager plugin closes apache/incubator-metron#1100 > > > > > > > > >> > 7 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes > > > > > > > > >> > apache/incubator-metron#1101 > > > > > > > > >> > 7 weeks ago METRON-1236 Add start/stop/restart commands > > that > > > > > > execute > > > > > > > > >> > successfully, when ambari agents run as non-root user > > closes > > > > > > > > >> > apache/incubator-metron#1105 > > > > > > > > >> > 7 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is > > locale > > > > > > > sensitive > > > > > > > > >> > closes apache/incubator-metron#1104 > > > > > > > > >> > 8 weeks ago METRON-1660 On Solr, sorting by threat score > > > fails > > > > > > > > >> > (justinleet) closes apache/metron#1102 > > > > > > > > >> > 8 weeks ago METRON-1656 Create KAKFA_SEEK function > > > > (nickwallen) > > > > > > > closes > > > > > > > > >> > apache/metron#1097 > > > > > > > > >> > 8 weeks ago Resolve merge conflicts with master. > > > > > > > > >> > 8 weeks ago METRON-1641: Enable Pcap jobs to be > submitted > > > > > > > > asynchronously > > > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1081 > > > > > > > > >> > 8 weeks ago METRON-1644: Support parser chaining closes > > > > > > > > >> > apache/incubator-metron#1084 > > > > > > > > >> > 8 weeks ago METRON-1655 Make REGEXP_MATCH take multiple > > > regexs > > > > > in > > > > > > > the > > > > > > > > >> 2nd > > > > > > > > >> > arg (ottobackwards) closes apache/metron#1098 > > > > > > > > >> > 9 weeks ago METRON-1643: Create a REGEX_ROUTING field > > > > > > transformation > > > > > > > > >> > closes apache/incubator-metron#1083 > > > > > > > > >> > 9 weeks ago METRON-1652 Document X-Pack Common Problem > > > > > > (nickwallen) > > > > > > > > >> closes > > > > > > > > >> > apache/metron#1092 > > > > > > > > >> > 9 weeks ago METRON-1649 Intermittent Test Failure > > > > > > > > >> > ProfileBuilderBoltTest#testFlushExpiredProfiles > > (nickwallen) > > > > > > closes > > > > > > > > >> > apache/metron#1090 > > > > > > > > >> > 9 weeks ago METRON-1635 Alerts UI status update > > doesn't > > > > > > > > immediately > > > > > > > > >> > show up (merrimanr) closes apache/metron#1080 > > > > > > > > >> > 9 weeks ago METRON-1642: KafkaWriter should be able > choose > > > the > > > > > > topic > > > > > > > > >> from > > > > > > > > >> > a field in addition to topology construction time closes > > > > > > > > >> > apache/incubator-metron#1082 > > > > > > > > >> > 9 weeks ago METRON-1636: Fix broken unit test setup in > > > > > > metron-alerts > > > > > > > > >> > closes apache/incubator-metron#1085 > > > > > > > > >> > 10 weeks ago METRON-1631 Alerts UI: Dash score does not > > show > > > > if > > > > > > only > > > > > > > > >> > filtering by one group (sardell via merrimanr) closes > > > > > > > > apache/metron#1079 > > > > > > > > >> > 10 weeks ago METRON-1647 Fix logging level score closes > > > > > > > > >> > apache/incubator-metron#1089 > > > > > > > > >> > 10 weeks ago METRON-1621: Sorting alerts table by score > > > closes > > > > > > > > >> > apache/incubator-metron#1088 > > > > > > > > >> > 10 weeks ago METRON-1619: Stellar empty collections > should > > > be > > > > > > > > considered > > > > > > > > >> > false in boolean expressions closes > > > > apache/incubator-metron#1064 > > > > > > > > >> > 10 weeks ago METRON-1646 Sensor Stubs should work when > > > > > kerberized > > > > > > > > >> > (nickwallen) closes apache/metron#1087 > > > > > > > > >> > 10 weeks ago METRON-1645: Check wether the Solr > management > > > > pack > > > > > is > > > > > > > > >> > installed before configuring the solr principal name. > > closes > > > > > > > > >> > apache/incubator-metron#1086 > > > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 2 months ago METRON-1634 Alerts UI add comment > > doesn't > > > > > > > > immediately > > > > > > > > >> > show up. (merrimanr) closes apache/metron#1077 > > > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > > > >> > feature/METRON-1554-pcap-query-panel > > > > > > > > >> > 2 months ago METRON-1555 Update REST to run YARN and MR > > jobs > > > > > > > > (merrimanr) > > > > > > > > >> > closes apache/metron#1019 > > > > > > > > >> > 2 months ago METRON-1489 Retrofit UI tests to run > reliably > > > > > during > > > > > > > > >> nightly > > > > > > > > >> > QE runs (sardell via nickwallen) closes > apache/metron#1004 > > > > > > > > >> > 2 months ago METRON-1637 Wrong path to escalate alert > REST > > > > > > endpoint > > > > > > > > >> > (merrimanr) closes apache/metron#1078 > > > > > > > > >> > 2 months ago METRON-1624 Set Profiler and Enrichment > batch > > > > > > > parameters > > > > > > > > in > > > > > > > > >> > Ambari (nickwallen) closes apache/metron#1069 > > > > > > > > >> > 2 months ago Merge remote-tracking branch > 'origin/master' > > > into > > > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 2 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > (nickwallen) closes apache/metron#1075 > > > > > > > > >> > 2 months ago METRON-1629 Update Solr documentation > > > (merrimanr > > > > > via > > > > > > > > >> > justinleet) closes apache/metron#1072 > > > > > > > > >> > 3 months ago METRON-1633 Incorrect instructions when > > merging > > > > PR > > > > > > into > > > > > > > > >> > feature branch (nickwallen) closes apache/metron#1074 > > > > > > > > >> > 3 months ago METRON-1630 Add threat.triage.score.field > to > > > > > READMEs > > > > > > > > >> > (merrimanr) closes apache/metron#1073 > > > > > > > > >> > 3 months ago METRON-1609 Elasticsearch settings in > Ambari > > > > should > > > > > > not > > > > > > > > be > > > > > > > > >> > required if Solr is the indexer (nickwallen) closes > > > > > > > apache/metron#1056 > > > > > > > > >> > 3 months ago METRON-1627 Alerts UI: Metaalert details > > > missing > > > > in > > > > > > > > details > > > > > > > > >> > panel when trying to add alert to existing metaalert > > > (sardell > > > > > via > > > > > > > > >> > justinleet) closes apache/metron#1070 > > > > > > > > >> > 3 months ago METRON-1625 Merge master into Solr feature > > > branch > > > > > > > > >> (merrimanr) > > > > > > > > >> > closes apache/metron#1067 > > > > > > > > >> > 3 months ago METRON-1626 Alerts UI: An empty result is > > > > returned > > > > > > when > > > > > > > > >> > searching for a single alert contained in a metaalert > > > (sardell > > > > > via > > > > > > > > >> > nickwallen) closes apache/metron#1068 > > > > > > > > >> > 3 months ago METRON-1611 Increment master version number > > to > > > > > 0.5.1 > > > > > > > for > > > > > > > > >> > on-going development (justinleet) closes > > apache/metron#1057 > > > > > > > > >> > 3 months ago METRON-1622 Allow user to define global > > > property > > > > > > > > >> > 'threat.triage.score.field' in Ambari (nickwallen) > closes > > > > > > > > >> apache/metron#1066 > > > > > > > > >> > 3 months ago METRON-1599 Allow user to define global > > > property > > > > > > > > >> > 'source.type.field' in Ambari (nickwallen) closes > > > > > > apache/metron#1047 > > > > > > > > >> > 3 months ago METRON-1616 Changing alert status fails if > no > > > > > > > metaalerts > > > > > > > > >> have > > > > > > > > >> > been created yet (merrimanr) closes apache/metron#1061 > > > > > > > > >> > 3 months ago METRON-1573 Enhance KAFKA_* functions to > > return > > > > > > > partition > > > > > > > > >> and > > > > > > > > >> > offset details (nickwallen) closes apache/metron#1030 > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago METRON-1617: Make threat triage score > > function > > > > with > > > > > > > dots > > > > > > > > as > > > > > > > > >> > well as colons closes apache/incubator-metron#1062 > > > > > > > > >> > 3 months ago METRON-1613 Metaalerts status update broken > > in > > > > > Alerts > > > > > > > UI > > > > > > > > >> > (merrimanr) closes apache/metron#1059 > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago METRON-1588 Migrate storm-kafka-client to > > 1.2.1 > > > > > > closes > > > > > > > > >> > apache/incubator-metron#1039 > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago Merge branch > > 'feature/METRON-1416-upgrade-solr' > > > > of > > > > > > > > >> > https://git-wip-us.apache.org/repos/asf/metron into > > > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 3 months ago METRON-1587 Make collection utility work > for > > > HDP > > > > > > search > > > > > > > > >> > (merrimanr) closes apache/metron#1043 > > > > > > > > >> > 3 months ago METRON-1612 Fix website download links > > > > (justinleet) > > > > > > > > closes > > > > > > > > >> > apache/metron#1058 > > > > > > > > >> > 3 months ago METRON-1608 Add configuration for > > > > > threat.triage.field > > > > > > > > name > > > > > > > > >> > (merrimanr) closes apache/metron#1055 > > > > > > > > >> > 3 months ago METRON-1585 SolrRetrieveLatestDao does not > > use > > > > the > > > > > > > > >> collection > > > > > > > > >> > lookup (justinleet via merrimanr) closes > > apache/metron#1050 > > > > > > > > >> > 3 months ago METRON-1533 Create KAFKA_FIND Stellar > > Function > > > > > > > > (nickwallen) > > > > > > > > >> > closes apache/metron#1025 > > > > > > > > >> > 3 months ago METRON-1601: Rename metaalert alert nested > > > field > > > > to > > > > > > > > >> > metron_alert to avoid collision closes > > > > > > apache/incubator-metron#1049 > > > > > > > > >> > 3 months ago METRON-1572 Enhance KAFKA_PUT function > > > > (nickwallen) > > > > > > > > closes > > > > > > > > >> > apache/metron#1024 > > > > > > > > >> > 3 months ago METRON-1607 update public web site to point > > at > > > > > 0.5.0 > > > > > > > new > > > > > > > > >> > release (justinleet) closes apache/metron#1053 > > > > > > > > >> > 3 months ago METRON-1568: Stellar should have a _ > special > > > > > variable > > > > > > > > which > > > > > > > > >> > returns the message in map form closes > > > > > > apache/incubator-metron#1021 > > > > > > > > >> > 3 months ago METRON-1594: KafkaWriter is asynchronous > and > > > may > > > > > lose > > > > > > > > data > > > > > > > > >> on > > > > > > > > >> > node failure (mmiklavc via mmiklavc) closes > > > apache/metron#1045 > > > > > > > > >> > 3 months ago METRON-1603: Fix multivalue field errors in > > Bro > > > > > Solr > > > > > > > > schema > > > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > > > > > >> > 3 months ago METRON-1584 Indexing Topology Crashes with > > > > Invalid > > > > > > > > Message > > > > > > > > >> > (nickwallen) closes apache/metron#1036 > > > > > > > > >> > 3 months ago METRON-1547 Solr Comment Fields > (justinleet) > > > > closes > > > > > > > > >> > apache/metron#1037 > > > > > > > > >> > 3 months ago METRON-1553 Validate JIRA Script Error > > > > (nickwallen) > > > > > > > > closes > > > > > > > > >> > apache/metron#1013 > > > > > > > > >> > 3 months ago METRON-1592 Unable to use third party > parser > > > with > > > > > > Storm > > > > > > > > >> > versions >= 1.1.0 (nickwallen) closes apache/metron#1042 > > > > > > > > >> > 3 months ago METRON-1598 NoClassDefFoundError when > running > > > > with > > > > > > > > >> > Elasticsearch X-Pack (nickwallen) closes > > apache/metron#1048 > > > > > > > > >> > 3 months ago METRON-1589 '/api/v1/search/search' fails > > when > > > > > 'Solr > > > > > > > > >> > Zookeeper Urls' has comma separated multiple zookeeper > > urls > > > > > > > > (justinleet) > > > > > > > > >> > closes apache/metron#1040 > > > > > > > > >> > 3 months ago METRON-1593 Setting Metron rest additional > > > > > classpath > > > > > > > > >> removes > > > > > > > > >> > HBase and Hadoop configs from classpath (merrimanr) > closes > > > > > > > > >> > apache/metron#1044 > > > > > > > > >> > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek to End > > > Logic > > > > > > > > >> (nickwallen) > > > > > > > > >> > closes apache/metron#1023 > > > > > > > > >> > 3 months ago METRON-1579: Stellar should return the > > > expression > > > > > > that > > > > > > > > >> failed > > > > > > > > >> > in the exception closes apache/incubator-metron#1033 > > > > > > > > >> > 3 months ago METRON-1586 Defaulting for the source type > > > field > > > > in > > > > > > > > alerts > > > > > > > > >> UI > > > > > > > > >> > does not work (merrimanr via justinleet) closes > > > > > apache/metron#1038 > > > > > > > > >> > 3 months ago METRON-1569: Allow user to change field > name > > > > > > conversion > > > > > > > > >> when > > > > > > > > >> > indexing to Elasticsearch (nickwallen via mmiklavc) > closes > > > > > > > > >> > apache/metron#1022 > > > > > > > > >> > 3 months ago METRON-1544 Flaky test: > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > org.apache.metron.stellar.common.CachingStellarProcessorTest#testCaching > > > > > > > > >> > (nickwallen) closes apache/metron#1015 > > > > > > > > >> > 3 months ago METRON-1580 Release candidate check script > > > > requires > > > > > > Bro > > > > > > > > >> > Plugin (nickwallen via ottobackwards) closes > > > > apache/metron#1034 > > > > > > > > >> > 3 months ago METRON-1532 Getting started documentation > > > > > > improvements > > > > > > > > >> > (sardell via nickwallen) closes apache/metron#1001 > > > > > > > > >> > 3 months ago METRON-1577 Solr searches don't > include > > > the > > > > > > index > > > > > > > of > > > > > > > > >> the > > > > > > > > >> > result (merrimanr) closes apache/metron#1031 > > > > > > > > >> > 3 months ago METRON-1421 Create a SolrMetaAlertDao > > > > (justinleet) > > > > > > > closes > > > > > > > > >> > apache/metron#970 > > > > > > > > >> > 4 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 4 months ago METRON-1567 Large error message can't > be > > > > > written > > > > > > > in > > > > > > > > >> Solr > > > > > > > > >> > (justinleet) closes apache/metron#1020 > > > > > > > > >> > 4 months ago METRON-1540 Solr Integration tests should > use > > > > > actual > > > > > > > > >> schemas > > > > > > > > >> > (justinleet) closes apache/metron#1005 > > > > > > > > >> > 4 months ago Merge remote-tracking branch > 'origin/master' > > > into > > > > > > > > >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 4 months ago METRON-1526 Location field types cause > > > > > DocValuesField > > > > > > > > >> appear > > > > > > > > >> > more than once error (merrimanr via justinleet) closes > > > > > > > > apache/metron#995 > > > > > > > > >> > 5 months ago METRON-1503 Alerts are not getting > populated > > in > > > > > > alerts > > > > > > > UI > > > > > > > > >> > when search engine is Solr (merrimanr) closes > > > > apache/metron#975 > > > > > > > > >> > 6 months ago METRON-1424 Kerberos: Solr (merrimanr) > closes > > > > > > > > >> > apache/metron#960 > > > > > > > > >> > 6 months ago METRON-1482 Update REST to work with Solr > > > > > (merrimanr) > > > > > > > > >> closes > > > > > > > > >> > apache/metron#957 > > > > > > > > >> > 6 months ago METRON-1464 Convert schemas to be > compatible > > > with > > > > > > Solr > > > > > > > > >> 5.5.2 > > > > > > > > >> > (merrimanr) closes apache/metron#945 > > > > > > > > >> > 6 months ago METRON-1423 Ambari work to handle Solr > > > > > configuration > > > > > > > > >> > (merrimanr) closes apache/metron#934 > > > > > > > > >> > 6 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 7 months ago METRON-1448: Update SolrWriter to conform > to > > > new > > > > > > > > collection > > > > > > > > >> > strategy this closes apache/incubator-metron#929 > > > > > > > > >> > 7 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 7 months ago Merge branch 'master' into > > > > > > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> > 7 months ago METRON-1441: Create complementary Solr > > schemas > > > > for > > > > > > the > > > > > > > > main > > > > > > > > >> > sensors this closes apache/metron#922 > > > > > > > > >> > 7 months ago METRON-1436: Manually Install Solr Cloud in > > > Full > > > > > Dev > > > > > > > > >> > (mmiklavc via mmiklavc) closes apache/metron#918 > > > > > > > > >> > 7 months ago METRON-1419: Create a SolrDao this closes > > > > > > > > >> > apache/incubator-metron#911 > > > > > > > > >> > > > > > > > > > >> > > > > > > > > > >> > On Wed, Aug 15, 2018 at 2:15 PM Michael Miklavcic < > > > > > > > > >> > michael.miklav...@gmail.com> wrote: > > > > > > > > >> > > > > > > > > > >> >> +1 here as well to the proposed releases. > > > > > > > > >> >> > > > > > > > > >> >> On Wed, Aug 15, 2018 at 11:06 AM Casey Stella < > > > > > > ceste...@gmail.com> > > > > > > > > >> wrote: > > > > > > > > >> >> > > > > > > > > >> >> > +1 to both releases, this is plenty for an 0.6.0 and > a > > > > 0.2.0 > > > > > > > > >> >> > > > > > > > > > >> >> > On Wed, Aug 15, 2018 at 11:04 AM Justin Leet < > > > > > > > > justinjl...@gmail.com> > > > > > > > > >> >> > wrote: > > > > > > > > >> >> > > > > > > > > > >> >> > > I just sent a thread about release cadence. Jon, > I'd > > > > > > recommend > > > > > > > > >> >> starting a > > > > > > > > >> >> > > thread on a 1.0 roadmap. I thought about merging > the > > > > > > threads, > > > > > > > > but > > > > > > > > >> I > > > > > > > > >> >> > think > > > > > > > > >> >> > > that's just going to result in more crosstalk, so > > I'll > > > > let > > > > > > you > > > > > > > > >> start > > > > > > > > >> >> that > > > > > > > > >> >> > > conversation. > > > > > > > > >> >> > > > > > > > > > > >> >> > > On Wed, Aug 15, 2018 at 10:37 AM Nick Allen < > > > > > > > n...@nickallen.org> > > > > > > > > >> >> wrote: > > > > > > > > >> >> > > > > > > > > > > >> >> > > > +1 to a 0.6.0 release that includes the Pcap > Panel > > > and > > > > > Solr > > > > > > > > work. > > > > > > > > >> >> > > > > > > > > > > > >> >> > > > +1 to doing a 0.2.0 release for > > > > > metron-bro-plugin-kafka. I > > > > > > > > >> *think* > > > > > > > > >> >> we > > > > > > > > >> >> > > need > > > > > > > > >> >> > > > to do the plugin release first, so that the 0.6.0 > > > > Metron > > > > > > > > release > > > > > > > > >> >> will > > > > > > > > >> >> > > point > > > > > > > > >> >> > > > to plugin 0.2.0. > > > > > > > > >> >> > > > > > > > > > > > >> >> > > > FWIW, here are the changes since the last > release. > > > > > > > > >> >> > > > > > > > > > > > >> >> > > > 6 days ago METRON-1730: Update steps to run > pycapa > > on > > > > > > Centos > > > > > > > 6 > > > > > > > > >> >> > (mmiklavc > > > > > > > > >> >> > > > via mmiklavc) closes apache/metron#1152 > > > > > > > > >> >> > > > 2 weeks ago METRON-1701 Update General notes on > the > > > > > > > > installation > > > > > > > > >> of > > > > > > > > >> >> > > Pycapa > > > > > > > > >> >> > > > on Kerberized cluster (MohanDV via nickwallen) > > closes > > > > > > > > >> >> > apache/metron#1136 > > > > > > > > >> >> > > > 3 weeks ago METRON-1650 Packaging docker > containers > > > are > > > > > too > > > > > > > > large > > > > > > > > >> >> > > > (jameslamb via merrimanr) closes > apache/metron#1091 > > > > > > > > >> >> > > > 3 weeks ago METRON-1604 : Add RHEL 7 power pc to > OS > > > > > family > > > > > > > for > > > > > > > > >> the > > > > > > > > >> >> HCP > > > > > > > > >> >> > > > management pack repo info closes > > > > > > apache/incubator-metron#1052 > > > > > > > > >> >> > > > 3 weeks ago METRON-1687: Upgrade the rat plugin > to > > > > > > > > 0.13-SNAPSHOT > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/incubator-metron#1126 > > > > > > > > >> >> > > > 3 weeks ago METRON-1694: Clean up Metron REST > docs > > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1131 > > > > > > > > >> >> > > > 4 weeks ago METRON-1606 Add a 'wrap' to > > > > > incoming > > > > > > > > >> messages > > > > > > > > >> >> in > > > > > > > > >> >> > > the > > > > > > > > >> >> > > > metron json parser (ottobackwards) closes > > > > > > apache/metron#1054 > > > > > > > > >> >> > > > 4 weeks ago METRON-1672 Add metron-alerts's > UI > > > > unit > > > > > > > tests > > > > > > > > to > > > > > > > > >> >> > travis > > > > > > > > >> >> > > > build process (justinleet) closes > > apache/metron#1106 > > > > > > > > >> >> > > > 4 weeks ago METRON-1684 Fix Markdown problems in > > > > > > > > >> 3rdPartyParser.md > > > > > > > > >> >> > > > (justinleet) closes apache/metron#1110 > > > > > > > > >> >> > > > 4 weeks ago METRON-1657 Parser aggregation in > storm > > > > > > > > (justinleet) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1099 > > > > > > > > >> >> > > > 4 weeks ago METRON-1651 Fixing failing protractor > > e2e > > > > > test > > > > > > > > >> (tiborm > > > > > > > > >> >> via > > > > > > > > >> >> > > > merrimanr) closes apache/metron#1095 > > > > > > > > >> >> > > > 4 weeks ago METRON-1673 Fix Javadoc errors > > > (justinleet) > > > > > > > closes > > > > > > > > >> >> > > > apache/metron#1107 > > > > > > > > >> >> > > > 4 weeks ago METRON-1620: Fixes for forensic > > > clustering > > > > > use > > > > > > > case > > > > > > > > >> >> example > > > > > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1065 > > > > > > > > >> >> > > > 4 weeks ago METRON-1659: The platform-info.sh > > should > > > > > check > > > > > > > for > > > > > > > > >> the > > > > > > > > >> >> > > vagrant > > > > > > > > >> >> > > > hostmanager plugin closes > > > apache/incubator-metron#1100 > > > > > > > > >> >> > > > 4 weeks ago METRON-1658: Upgrade bro to 2.5.4 > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1101 > > > > > > > > >> >> > > > 4 weeks ago METRON-1236 Add start/stop/restart > > > commands > > > > > > that > > > > > > > > >> execute > > > > > > > > >> >> > > > successfully, when ambari agents run as non-root > > user > > > > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1105 > > > > > > > > >> >> > > > 4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR > test > > is > > > > > > locale > > > > > > > > >> >> sensitive > > > > > > > > >> >> > > > closes apache/incubator-metron#1104 > > > > > > > > >> >> > > > 5 weeks ago METRON-1660 On Solr, sorting by > threat > > > > score > > > > > > > fails > > > > > > > > >> >> > > (justinleet) > > > > > > > > >> >> > > > closes apache/metron#1102 > > > > > > > > >> >> > > > 5 weeks ago METRON-1656 Create KAKFA_SEEK > function > > > > > > > (nickwallen) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1097 > > > > > > > > >> >> > > > 5 weeks ago METRON-1644: Support parser chaining > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1084 > > > > > > > > >> >> > > > 5 weeks ago METRON-1655 Make REGEXP_MATCH take > > > multiple > > > > > > > regexs > > > > > > > > in > > > > > > > > >> >> the > > > > > > > > >> >> > 2nd > > > > > > > > >> >> > > > arg (ottobackwards) closes apache/metron#1098 > > > > > > > > >> >> > > > 6 weeks ago METRON-1643: Create a REGEX_ROUTING > > field > > > > > > > > >> transformation > > > > > > > > >> >> > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1083 > > > > > > > > >> >> > > > 6 weeks ago METRON-1652 Document X-Pack Common > > > Problem > > > > > > > > >> (nickwallen) > > > > > > > > >> >> > > closes > > > > > > > > >> >> > > > apache/metron#1092 > > > > > > > > >> >> > > > 6 weeks ago METRON-1649 Intermittent Test Failure > > > > > > > > >> >> > > > ProfileBuilderBoltTest#testFlushExpiredProfiles > > > > > > > > >> >> > > > (nickwallen) closes apache/metron#1090 > > > > > > > > >> >> > > > 6 weeks ago METRON-1635 Alerts UI status update > > > > > > doesn't > > > > > > > > >> >> > immediately > > > > > > > > >> >> > > > show up (merrimanr) closes apache/metron#1080 > > > > > > > > >> >> > > > 6 weeks ago METRON-1642: KafkaWriter should be > able > > > > > choose > > > > > > > the > > > > > > > > >> topic > > > > > > > > >> >> > > from a > > > > > > > > >> >> > > > field in addition to topology construction time > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1082 > > > > > > > > >> >> > > > 6 weeks ago METRON-1636: Fix broken unit test > setup > > > in > > > > > > > > >> metron-alerts > > > > > > > > >> >> > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1085 > > > > > > > > >> >> > > > 7 weeks ago METRON-1631 Alerts UI: Dash score > does > > > not > > > > > show > > > > > > > if > > > > > > > > >> only > > > > > > > > >> >> > > > filtering by one group (sardell via merrimanr) > > closes > > > > > > > > >> >> > apache/metron#1079 > > > > > > > > >> >> > > > 7 weeks ago METRON-1647 Fix logging level score > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1089 > > > > > > > > >> >> > > > 7 weeks ago METRON-1621: Sorting alerts table by > > > score > > > > > > closes > > > > > > > > >> >> > > > apache/incubator-metron#1088 > > > > > > > > >> >> > > > 7 weeks ago METRON-1619: Stellar empty > collections > > > > should > > > > > > be > > > > > > > > >> >> considered > > > > > > > > >> >> > > > false in boolean expressions closes > > > > > > > > apache/incubator-metron#1064 > > > > > > > > >> >> > > > 7 weeks ago METRON-1646 Sensor Stubs should work > > when > > > > > > > > kerberized > > > > > > > > >> >> > > > (nickwallen) closes apache/metron#1087 > > > > > > > > >> >> > > > 7 weeks ago METRON-1645: Check wether the Solr > > > > management > > > > > > > pack > > > > > > > > is > > > > > > > > >> >> > > installed > > > > > > > > >> >> > > > before configuring the solr principal name. > closes > > > > > > > > >> >> > > > apache/incubator-metron#1086 > > > > > > > > >> >> > > > 7 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 7 weeks ago METRON-1634 Alerts UI add comment > > > > > doesn't > > > > > > > > >> >> immediately > > > > > > > > >> >> > > show > > > > > > > > >> >> > > > up. (merrimanr) closes apache/metron#1077 > > > > > > > > >> >> > > > 7 weeks ago METRON-1489 Retrofit UI tests to run > > > > reliably > > > > > > > > during > > > > > > > > >> >> > nightly > > > > > > > > >> >> > > QE > > > > > > > > >> >> > > > runs (sardell via nickwallen) closes > > > apache/metron#1004 > > > > > > > > >> >> > > > 7 weeks ago METRON-1637 Wrong path to escalate > > alert > > > > REST > > > > > > > > >> endpoint > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#1078 > > > > > > > > >> >> > > > 8 weeks ago METRON-1624 Set Profiler and > Enrichment > > > > batch > > > > > > > > >> >> parameters in > > > > > > > > >> >> > > > Ambari (nickwallen) closes apache/metron#1069 > > > > > > > > >> >> > > > 8 weeks ago Merge remote-tracking branch > > > > 'origin/master' > > > > > > into > > > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 8 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > (nickwallen) closes apache/metron#1075 > > > > > > > > >> >> > > > 8 weeks ago METRON-1629 Update Solr documentation > > > > > > (merrimanr > > > > > > > > via > > > > > > > > >> >> > > > justinleet) closes apache/metron#1072 > > > > > > > > >> >> > > > 8 weeks ago METRON-1633 Incorrect instructions > when > > > > > merging > > > > > > > PR > > > > > > > > >> into > > > > > > > > >> >> > > feature > > > > > > > > >> >> > > > branch (nickwallen) closes apache/metron#1074 > > > > > > > > >> >> > > > 8 weeks ago METRON-1630 Add > > threat.triage.score.field > > > > to > > > > > > > > READMEs > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#1073 > > > > > > > > >> >> > > > 8 weeks ago METRON-1609 Elasticsearch settings in > > > > Ambari > > > > > > > should > > > > > > > > >> not > > > > > > > > >> >> be > > > > > > > > >> >> > > > required if Solr is the indexer (nickwallen) > closes > > > > > > > > >> >> apache/metron#1056 > > > > > > > > >> >> > > > 8 weeks ago METRON-1627 Alerts UI: Metaalert > > details > > > > > > missing > > > > > > > in > > > > > > > > >> >> details > > > > > > > > >> >> > > > panel when trying to add alert to existing > > metaalert > > > > > > (sardell > > > > > > > > via > > > > > > > > >> >> > > > justinleet) closes apache/metron#1070 > > > > > > > > >> >> > > > 8 weeks ago METRON-1625 Merge master into Solr > > > feature > > > > > > branch > > > > > > > > >> >> > (merrimanr) > > > > > > > > >> >> > > > closes apache/metron#1067 > > > > > > > > >> >> > > > 8 weeks ago METRON-1626 Alerts UI: An empty > result > > is > > > > > > > returned > > > > > > > > >> when > > > > > > > > >> >> > > > searching for a single alert contained in a > > metaalert > > > > > > > (sardell > > > > > > > > >> via > > > > > > > > >> >> > > > nickwallen) closes apache/metron#1068 > > > > > > > > >> >> > > > 8 weeks ago METRON-1611 Increment master version > > > number > > > > > to > > > > > > > > 0.5.1 > > > > > > > > >> for > > > > > > > > >> >> > > > on-going development (justinleet) closes > > > > > apache/metron#1057 > > > > > > > > >> >> > > > 8 weeks ago METRON-1622 Allow user to define > global > > > > > > property > > > > > > > > >> >> > > > 'threat.triage.score.field' in Ambari > (nickwallen) > > > > closes > > > > > > > > >> >> > > > apache/metron#1066 > > > > > > > > >> >> > > > 8 weeks ago METRON-1599 Allow user to define > global > > > > > > property > > > > > > > > >> >> > > > 'source.type.field' in Ambari (nickwallen) closes > > > > > > > > >> apache/metron#1047 > > > > > > > > >> >> > > > 8 weeks ago METRON-1616 Changing alert status > fails > > > if > > > > no > > > > > > > > >> metaalerts > > > > > > > > >> >> > have > > > > > > > > >> >> > > > been created yet (merrimanr) closes > > > apache/metron#1061 > > > > > > > > >> >> > > > 8 weeks ago METRON-1573 Enhance KAFKA_* functions > > to > > > > > return > > > > > > > > >> >> partition > > > > > > > > >> >> > and > > > > > > > > >> >> > > > offset details (nickwallen) closes > > apache/metron#1030 > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago METRON-1617: Make threat triage score > > > > > function > > > > > > > with > > > > > > > > >> >> dots as > > > > > > > > >> >> > > > well as colons closes > apache/incubator-metron#1062 > > > > > > > > >> >> > > > 9 weeks ago METRON-1613 Metaalerts status update > > > broken > > > > > in > > > > > > > > >> Alerts UI > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#1059 > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago METRON-1588 Migrate > storm-kafka-client > > to > > > > > 1.2.1 > > > > > > > > >> closes > > > > > > > > >> >> > > > apache/incubator-metron#1039 > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago Merge branch > > > > > 'feature/METRON-1416-upgrade-solr' > > > > > > > of > > > > > > > > >> >> > > > https://git-wip-us.apache.org/repos/asf/metron > > into > > > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago Merge branch 'master' into > > > > > > > > >> >> feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 9 weeks ago METRON-1587 Make collection utility > > work > > > > for > > > > > > HDP > > > > > > > > >> search > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#1043 > > > > > > > > >> >> > > > 9 weeks ago METRON-1612 Fix website download > links > > > > > > > (justinleet) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1058 > > > > > > > > >> >> > > > 9 weeks ago METRON-1608 Add configuration for > > > > > > > > threat.triage.field > > > > > > > > >> >> name > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#1055 > > > > > > > > >> >> > > > 10 weeks ago METRON-1585 SolrRetrieveLatestDao > does > > > not > > > > > use > > > > > > > the > > > > > > > > >> >> > > collection > > > > > > > > >> >> > > > lookup (justinleet via merrimanr) closes > > > > > apache/metron#1050 > > > > > > > > >> >> > > > 10 weeks ago METRON-1533 Create KAFKA_FIND > Stellar > > > > > Function > > > > > > > > >> >> > (nickwallen) > > > > > > > > >> >> > > > closes apache/metron#1025 > > > > > > > > >> >> > > > 10 weeks ago METRON-1601: Rename metaalert alert > > > nested > > > > > > field > > > > > > > > to > > > > > > > > >> >> > > > metron_alert to avoid collision closes > > > > > > > > >> apache/incubator-metron#1049 > > > > > > > > >> >> > > > 10 weeks ago METRON-1572 Enhance KAFKA_PUT > function > > > > > > > > (nickwallen) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1024 > > > > > > > > >> >> > > > 10 weeks ago METRON-1607 update public web site > to > > > > point > > > > > at > > > > > > > > 0.5.0 > > > > > > > > >> >> new > > > > > > > > >> >> > > > release (justinleet) closes apache/metron#1053 > > > > > > > > >> >> > > > 10 weeks ago METRON-1568: Stellar should have a _ > > > > special > > > > > > > > >> variable > > > > > > > > >> >> > which > > > > > > > > >> >> > > > returns the message in map form closes > > > > > > > > >> apache/incubator-metron#1021 > > > > > > > > >> >> > > > 2 months ago METRON-1594: KafkaWriter is > > asynchronous > > > > and > > > > > > may > > > > > > > > >> lose > > > > > > > > >> >> data > > > > > > > > >> >> > > on > > > > > > > > >> >> > > > node failure (mmiklavc via mmiklavc) closes > > > > > > > apache/metron#1045 > > > > > > > > >> >> > > > 2 months ago METRON-1603: Fix multivalue field > > errors > > > > in > > > > > > Bro > > > > > > > > Solr > > > > > > > > >> >> > schema > > > > > > > > >> >> > > > (mmiklavc via mmiklavc) closes apache/metron#1051 > > > > > > > > >> >> > > > 2 months ago METRON-1584 Indexing Topology > Crashes > > > with > > > > > > > Invalid > > > > > > > > >> >> Message > > > > > > > > >> >> > > > (nickwallen) closes apache/metron#1036 > > > > > > > > >> >> > > > 2 months ago METRON-1547 Solr Comment Fields > > > > (justinleet) > > > > > > > > closes > > > > > > > > >> >> > > > apache/metron#1037 > > > > > > > > >> >> > > > 2 months ago METRON-1553 Validate JIRA Script > Error > > > > > > > > (nickwallen) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1013 > > > > > > > > >> >> > > > 2 months ago METRON-1592 Unable to use third > party > > > > parser > > > > > > > with > > > > > > > > >> Storm > > > > > > > > >> >> > > > versions >= 1.1.0 (nickwallen) closes > > > > apache/metron#1042 > > > > > > > > >> >> > > > 2 months ago METRON-1598 NoClassDefFoundError > when > > > > > running > > > > > > > with > > > > > > > > >> >> > > > Elasticsearch X-Pack (nickwallen) closes > > > > > apache/metron#1048 > > > > > > > > >> >> > > > 2 months ago METRON-1589 '/api/v1/search/search' > > > fails > > > > > when > > > > > > > > 'Solr > > > > > > > > >> >> > > Zookeeper > > > > > > > > >> >> > > > Urls' has comma separated multiple zookeeper urls > > > > > > > (justinleet) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#1040 > > > > > > > > >> >> > > > 2 months ago METRON-1593 Setting Metron rest > > > additional > > > > > > > > classpath > > > > > > > > >> >> > removes > > > > > > > > >> >> > > > HBase and Hadoop configs from classpath > (merrimanr) > > > > > closes > > > > > > > > >> >> > > > apache/metron#1044 > > > > > > > > >> >> > > > 3 months ago METRON-1571 Correct KAFKA_TAIL Seek > to > > > End > > > > > > Logic > > > > > > > > >> >> > > (nickwallen) > > > > > > > > >> >> > > > closes apache/metron#1023 > > > > > > > > >> >> > > > 3 months ago METRON-1579: Stellar should return > the > > > > > > > expression > > > > > > > > >> that > > > > > > > > >> >> > > failed > > > > > > > > >> >> > > > in the exception closes > > apache/incubator-metron#1033 > > > > > > > > >> >> > > > 3 months ago METRON-1586 Defaulting for the > source > > > type > > > > > > field > > > > > > > > in > > > > > > > > >> >> alerts > > > > > > > > >> >> > > UI > > > > > > > > >> >> > > > does not work (merrimanr via justinleet) closes > > > > > > > > >> apache/metron#1038 > > > > > > > > >> >> > > > 3 months ago METRON-1569: Allow user to change > > field > > > > name > > > > > > > > >> conversion > > > > > > > > >> >> > when > > > > > > > > >> >> > > > indexing to Elasticsearch (nickwallen via > mmiklavc) > > > > > closes > > > > > > > > >> >> > > > apache/metron#1022 > > > > > > > > >> >> > > > 3 months ago METRON-1544 Flaky test: > > > > > > > > >> >> org.apache.metron.stellar.common. > > > > > > > > >> >> > > > CachingStellarProcessorTest#testCaching > > (nickwallen) > > > > > closes > > > > > > > > >> >> > > > apache/metron#1015 > > > > > > > > >> >> > > > 3 months ago METRON-1580 Release candidate check > > > script > > > > > > > > requires > > > > > > > > >> Bro > > > > > > > > >> >> > > Plugin > > > > > > > > >> >> > > > (nickwallen via ottobackwards) closes > > > > apache/metron#1034 > > > > > > > > >> >> > > > 3 months ago METRON-1532 Getting started > > > documentation > > > > > > > > >> improvements > > > > > > > > >> >> > > > (sardell via nickwallen) closes > apache/metron#1001 > > > > > > > > >> >> > > > 3 months ago METRON-1577 Solr searches don't > > > > include > > > > > > the > > > > > > > > >> index > > > > > > > > >> >> of > > > > > > > > >> >> > > the > > > > > > > > >> >> > > > result (merrimanr) closes apache/metron#1031 > > > > > > > > >> >> > > > 3 months ago METRON-1421 Create a > SolrMetaAlertDao > > > > > > > (justinleet) > > > > > > > > >> >> closes > > > > > > > > >> >> > > > apache/metron#970 > > > > > > > > >> >> > > > 3 months ago Merge branch 'master' into > > > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 3 months ago METRON-1567 Large error message > > > can't > > > > > be > > > > > > > > >> written > > > > > > > > >> >> in > > > > > > > > >> >> > > Solr > > > > > > > > >> >> > > > (justinleet) closes apache/metron#1020 > > > > > > > > >> >> > > > 4 months ago METRON-1540 Solr Integration tests > > > should > > > > > use > > > > > > > > actual > > > > > > > > >> >> > schemas > > > > > > > > >> >> > > > (justinleet) closes apache/metron#1005 > > > > > > > > >> >> > > > 4 months ago Merge remote-tracking branch > > > > 'origin/master' > > > > > > > into > > > > > > > > >> >> > > > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 4 months ago METRON-1526 Location field types > cause > > > > > > > > >> DocValuesField > > > > > > > > >> >> > appear > > > > > > > > >> >> > > > more than once error (merrimanr via justinleet) > > > closes > > > > > > > > >> >> > apache/metron#995 > > > > > > > > >> >> > > > 4 months ago METRON-1503 Alerts are not getting > > > > populated > > > > > > in > > > > > > > > >> alerts > > > > > > > > >> >> UI > > > > > > > > >> >> > > when > > > > > > > > >> >> > > > search engine is Solr (merrimanr) closes > > > > > apache/metron#975 > > > > > > > > >> >> > > > 5 months ago METRON-1424 Kerberos: Solr > (merrimanr) > > > > > closes > > > > > > > > >> >> > > > apache/metron#960 > > > > > > > > >> >> > > > 5 months ago METRON-1482 Update REST to work with > > > Solr > > > > > > > > >> (merrimanr) > > > > > > > > >> >> > closes > > > > > > > > >> >> > > > apache/metron#957 > > > > > > > > >> >> > > > 5 months ago METRON-1464 Convert schemas to be > > > > compatible > > > > > > > with > > > > > > > > >> Solr > > > > > > > > >> >> > 5.5.2 > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#945 > > > > > > > > >> >> > > > 6 months ago METRON-1423 Ambari work to handle > Solr > > > > > > > > configuration > > > > > > > > >> >> > > > (merrimanr) closes apache/metron#934 > > > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 6 months ago METRON-1448: Update SolrWriter to > > > conform > > > > to > > > > > > new > > > > > > > > >> >> > collection > > > > > > > > >> >> > > > strategy this closes apache/incubator-metron#929 > > > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 6 months ago Merge branch 'master' into > > > > > > > > >> >> > feature/METRON-1416-upgrade-solr > > > > > > > > >> >> > > > 6 months ago METRON-1441: Create complementary > Solr > > > > > schemas > > > > > > > for > > > -- Jon