[ https://issues.apache.org/jira/browse/METRON-939?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16171632#comment-16171632 ]
ASF GitHub Bot commented on METRON-939: --------------------------------------- Github user justinleet commented on the issue: https://github.com/apache/metron/pull/619 As a note, this ticket is slightly impacted by the metaalerts backend ticket (https://github.com/apache/metron/pull/734). The alerts field in the various templates should be removed and the search queries for meta alerts updated according to https://www.elastic.co/guide/en/elasticsearch/reference/current/search-request-sort.html#_ignoring_unmapped_fields, in order to allow for searches against metaalerts without having to have an alert field in each template. > Upgrade ElasticSearch and Kibana > -------------------------------- > > Key: METRON-939 > URL: https://issues.apache.org/jira/browse/METRON-939 > Project: Metron > Issue Type: Improvement > Reporter: Jon Zeolla > > Upgrade ElasticSearch and Kibana (latest is 5.4 as of writing this). Among > other benefits, this allows us to use periods in field names > (https://github.com/elastic/elasticsearch/pull/19937/files), which has been > available as of 5.0 and 2.4, and the ability to index an IPv6 address > properly > (https://www.elastic.co/blog/indexing-ipv6-addresses-in-elasticsearch). -- This message was sent by Atlassian JIRA (v6.4.14#64029)