GitHub user 2xyo opened a pull request:
https://github.com/apache/incubator-metron/pull/313
METRON-500: fix assembly id
The build on current master fails because is empty.
In previous versions of maven (before 2.2 final), leaving off the assembly
id and leaving the
Github user merrimanr commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/308#discussion_r83749245
--- Diff:
metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/bolt/ParserBolt.java
---
@@ -168,4 +177,12 @@ public void
Github user kylerichardson commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/276#discussion_r83768223
--- Diff:
metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/utils/SyslogUtils.java
---
@@ -0,0 +1,125 @@
+/**
Congrats Otto!
Jon
On Mon, Oct 17, 2016 at 1:33 PM Casey Stella wrote:
> Welcome aboard, Otto!
>
> On Mon, Oct 17, 2016 at 1:32 PM, David Lyle wrote:
>
> > Welcome Otto!
> >
> > -D...
> >
> >
> > On Mon, Oct 17, 2016 at 1:31 PM, James Sirota
Can I vote for neither? I believe that is_alert is primarily intended for
use by a SOC Analyst (assumed level 1) before it gets passed to a SOC
Investigator, Forensic Investigator, etc., and that a message which failed
a threat triage rule should instead come to the attention the SOC
Investigator
You certainly can vote for neither. :)
Just for clarity, is_alert is not set by the triage code. Only messages
which are alerts already are triaged. I wasn't clear in how I explained
that, so sorry about that. Option 1 would just send the data through
untriaged and 2 would skip the bad rule
That's more aggressive than I would have initially suggested, but I would
be on board with that sort of a meeting. Interested to see how others
feel.
Jon
On Mon, Oct 17, 2016 at 1:40 PM James Sirota wrote:
> Fair criticism. Would you like to call a recurring meeting where
My thoughts here essentially devolve into a selfish interest in alerts
separate from a SOC analyst style alert in order to facilitate
notifications such as larger issues with a topology, extremely high latency
for an enrichment, a drop off in certain types of sensor traffic, etc. I
feel like
Github user merrimanr commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/308#discussion_r83749198
--- Diff:
metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/bolt/ParserBolt.java
---
@@ -116,6 +122,9 @@ public void
Github user cestella commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/312#discussion_r83660563
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/dsl/functions/SystemFunctions.java
---
@@ -0,0 +1,75 @@
+/**
Github user cestella commented on the issue:
https://github.com/apache/incubator-metron/pull/311
@ottobackwards I was suggesting that `printBadResults` take a StringBuffer
where what would be printed is accumulated and then passed back. Then in the
individual tests, you could decide
Github user cestella commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/312#discussion_r83646243
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/dsl/BaseStellarFunction.java
---
@@ -18,8 +18,10 @@
package
Github user cestella commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/311#discussion_r83644949
--- Diff:
metron-platform/metron-integration-test/src/main/java/org/apache/metron/integration/ProcessorResult.java
---
@@ -0,0 +1,90 @@
+/**
Great stuff! Very useful information. Thanks for hosting.
-Kyle
On Sat, Oct 15, 2016 at 3:57 AM, Yohann Lepage wrote:
> Hi James,
>
> Thanks for the recording!
>
> Could you please also update the "Meeting Notes" page on the wiki with
> the link to the recording?
>
>
Github user cestella commented on a diff in the pull request:
https://github.com/apache/incubator-metron/pull/311#discussion_r83644732
--- Diff:
metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/integration/EnrichmentIntegrationTest.java
---
@@ -160,16
Github user asfgit closed the pull request at:
https://github.com/apache/incubator-metron/pull/303
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the
Hi Everyone,
I'd like to get a bit more systematic about how we release and I wanted
some clarification and advice about suggested release process.
The last release, we
- opened up the release via an announce thread that gave people the
opportunity to object and add JIRAs they felt were
Hi Everyone,
When we have a Field Transformation which is in error in the parser, the
current behavior is to send the message in question to the error queue. I
wanted to have a discussion around what the correct state of affairs for
this is.
The way I see it, we have one of two options:
1.
1 for me.
The Stellar transformations are part of creating a compete document ( along
with the parsing ) that will be passed to other topologies for further
processing. Failure on either side should be an error. This avoids
inconsistency downstream and other problems. If Metron were to allow
Thank you everyone, happy to pitch in.
On October 17, 2016 at 13:31:13, James Sirota (jsir...@apache.org) wrote:
The Podling Project Management Committee (PPMC) for Apache Metron
(Incubating)
has asked Otto Fowler to become a committer and we are pleased
to announce that they have accepted.
20 matches
Mail list logo