[GitHub] metron pull request #895: METRON-1394:Create Rest endpoint to add the ACL fo...
GitHub user MohanDV opened a pull request: https://github.com/apache/metron/pull/895 METRON-1394:Create Rest endpoint to add the ACL for current user to kafka topics ## Contributor Comments Creating a kafka topic using the rest endpoint doesn't add the required ACL to topic for the current user automatically. This will cause the all other kafka operation rest endpoints fail including listing the topics. Added rest endpoint to add ACL's for the current user to a kafka topic and updated the readme, also added code to automatically add the required ACL to the current use while creating new topic. **Steps to Verify manually** 1. Spin up Full Dev 2. Go to Swagger at http://node1:8082/swagger-ui.html#/kafka-controller 3. Create a kafka topic using (/api/v1/kafka/topic) 4. List all the kafka topics using (/api/v1/kafka/topic) 5. You should see the list of all kafka topics including newly created topic without any authorization error. ## Pull Request Checklist Thank you for submitting a contribution to Apache Metron. Please refer to our [Development Guidelines](https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=61332235) for the complete guide to follow for contributions. Please refer also to our [Build Verification Guidelines](https://cwiki.apache.org/confluence/display/METRON/Verifying+Builds?show-miniview) for complete smoke testing guides. In order to streamline the review of the contribution we ask you follow these guidelines and ask you to double check the following: ### For all changes: - [x] Is there a JIRA ticket associated with this PR? If not one needs to be created at [Metron Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel). - [x] Does your PR title start with METRON- where is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character. - [x] Has your PR been rebased against the latest commit within the target branch (typically master)? ### For code changes: - [x] Have you included steps to reproduce the behavior or problem that is being changed or addressed? - [x] Have you included steps or a guide to how the change may be verified and tested manually? - [] Have you ensured that the full suite of tests and checks have been executed in the root metron folder via: ``` mvn -q clean integration-test install && build_utils/verify_licenses.sh ``` - [x] Have you written or updated unit tests and or integration tests to verify your changes? - [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)? - [x] Have you verified the basic functionality of the build by building and running locally with Vagrant full-dev environment or the equivalent? ### For documentation related changes: - [x] Have you ensured that format looks appropriate for the output in which it is rendered by building and verifying the site-book? If not then run the following commands and the verify changes via `site-book/target/site/index.html`: ``` cd site-book mvn site ``` Note: Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible. It is also recommended that [travis-ci](https://travis-ci.org) is set up for your personal repository such that your branches are built there before submitting a pull request. You can merge this pull request into a Git repository by running: $ git pull https://github.com/MohanDV/metron METRON-1394 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/metron/pull/895.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #895 commit 08340485c2e51109df32e9880b572a84511dccb8 Author: Mohan Venkateshaiah Date: 2018-01-11T12:17:02Z Created a rest endpoint to add the required ACL to topic for the current user. Also added the code to provide the required ACL for newly created tpics to current user automatically. ---
Anand is a new Committer!
The Project Management Committee (PMC) for Apache Metron has invited Anand Subramanian to become a committer and we are pleased to announce that they have accepted. Congratulations and welcome, Anand!
Re: Anand is a new Committer!
Congrats, Anand! On Thu, Jan 11, 2018 at 9:29 AM, Casey Stella wrote: > The Project Management Committee (PMC) for Apache Metron has invited Anand > Subramanian to become a committer and we are pleased to announce that they > have accepted. > > Congratulations and welcome, Anand! >
[GitHub] metron pull request #889: METRON-1390: Swagger UI for "Web Security Config" ...
Github user asfgit closed the pull request at: https://github.com/apache/metron/pull/889 ---
Re: Anand is a new Committer!
Well deserved, Anand. Welcome! -D... On Thu, Jan 11, 2018 at 9:30 AM, Justin Leet wrote: > Congrats, Anand! > > On Thu, Jan 11, 2018 at 9:29 AM, Casey Stella wrote: > > > The Project Management Committee (PMC) for Apache Metron has invited > Anand > > Subramanian to become a committer and we are pleased to announce that > they > > have accepted. > > > > Congratulations and welcome, Anand! > > >
Re: Anand is a new Committer!
Congratulations and welcome Anand! On January 11, 2018 at 09:29:24, Casey Stella (ceste...@gmail.com) wrote: The Project Management Committee (PMC) for Apache Metron has invited Anand Subramanian to become a committer and we are pleased to announce that they have accepted. Congratulations and welcome, Anand!
Re: Anand is a new Committer!
Welcome aboard, Anand! Congrats Jon On Thu, Jan 11, 2018 at 10:41 AM Otto Fowler wrote: > Congratulations and welcome Anand! > > > On January 11, 2018 at 09:29:24, Casey Stella (ceste...@gmail.com) wrote: > > The Project Management Committee (PMC) for Apache Metron has invited Anand > Subramanian to become a committer and we are pleased to announce that they > have accepted. > > Congratulations and welcome, Anand! > -- Jon
Re: Anand is a new Committer!
Congrats Anand ! On 1/11/18, 7:59 PM, "Casey Stella" wrote: The Project Management Committee (PMC) for Apache Metron has invited Anand Subramanian to become a committer and we are pleased to announce that they have accepted. Congratulations and welcome, Anand!
[GitHub] metron issue #894: METRON-1326: Metron deploy with Kerberos fails on Ambari ...
Github user mmiklavc commented on the issue: https://github.com/apache/metron/pull/894 ### Testing 1. Spin up full dev 2. Check that ES and Kibana are up as normal 3. Try the following operations - all should succeed without error in Ambari - Restart Kibana - Restart ES - Stop Kibana - Stop ES - Start Kibana - Start ES ---
[GitHub] metron pull request #896: METRON-1396: Fix .gitignore files to not ignore th...
GitHub user justinleet opened a pull request: https://github.com/apache/metron/pull/896 METRON-1396: Fix .gitignore files to not ignore themselves ## Contributor Comments The relevant files are already in git, it's a trivial fix to just add the reinclusion. See https://git-scm.com/docs/gitignore, under `Pattern Format`. The files are in git already, so it's pretty benign, but I suspect weirdness could occur, and this is more correct. And also it just bothered me. ## Pull Request Checklist Thank you for submitting a contribution to Apache Metron. Please refer to our [Development Guidelines](https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=61332235) for the complete guide to follow for contributions. Please refer also to our [Build Verification Guidelines](https://cwiki.apache.org/confluence/display/METRON/Verifying+Builds?show-miniview) for complete smoke testing guides. In order to streamline the review of the contribution we ask you follow these guidelines and ask you to double check the following: ### For all changes: - [x] Is there a JIRA ticket associated with this PR? If not one needs to be created at [Metron Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel). - [x] Does your PR title start with METRON- where is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character. - [x] Has your PR been rebased against the latest commit within the target branch (typically master)? Note: Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible. It is also recommended that [travis-ci](https://travis-ci.org) is set up for your personal repository such that your branches are built there before submitting a pull request. You can merge this pull request into a Git repository by running: $ git pull https://github.com/justinleet/metron gitignore_fix Alternatively you can review and apply these changes as the patch at: https://github.com/apache/metron/pull/896.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #896 commit ff2e6db651cf49461b56092940b119d476719eeb Author: justinjleet Date: 2018-01-11T19:47:47Z Don't have gitignore ignore itself ---
[GitHub] metron issue #896: METRON-1396: Fix .gitignore files to not ignore themselve...
Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/896 +1 by inspection ---
[GitHub] metron issue #872: METRON-1366: Add an entropy stellar function
Github user mmiklavc commented on the issue: https://github.com/apache/metron/pull/872 Nice addition! +1 from me as well, via inspection. ---
[GitHub] metron pull request #872: METRON-1366: Add an entropy stellar function
Github user asfgit closed the pull request at: https://github.com/apache/metron/pull/872 ---
[GitHub] metron pull request #863: METRON-1347: Indexing Topology should fail tuples ...
Github user cestella commented on a diff in the pull request: https://github.com/apache/metron/pull/863#discussion_r161087829 --- Diff: metron-platform/metron-indexing/README.md --- @@ -15,6 +15,12 @@ Indices are written in batch and the batch size and batch timeout are specified [Sensor Indexing Configuration](#sensor-indexing-configuration) via the `batchSize` and `batchTimeout` parameters. These configs are variable by sensor type. +## Minimal Assumptions for Message Structure + +At minimum, a message should have a `sensor.type` field. --- End diff -- whoops, yes, typo. corrected. ---
[GitHub] metron issue #896: METRON-1396: Fix .gitignore files to not ignore themselve...
Github user mmiklavc commented on the issue: https://github.com/apache/metron/pull/896 +1 by inspection ---
[GitHub] metron issue #863: METRON-1347: Indexing Topology should fail tuples without...
Github user mmiklavc commented on the issue: https://github.com/apache/metron/pull/863 Are all questions on required fields resolved per @cestella's comments/clarification? ---
Re: Metron nested object
Simon,
With the risk of sounding like an heretic:
Is there any particular reason Metron still considers ES as the
"default"[1] fast access data store?
Sometimes I wonder if we wouldn't be better off leveraging schema evolution
friendly formats with UIs like SuperSets?
Probably not as fast as ES but at least it would be one less development
front to handle.
Keen to hear your thoughts
Cheers
[1] I appreciate the architecture is flexible...
[-] Apologies for the delay but I suspect my previous message got stuck in
moderation
On Fri, Dec 22, 2017 at 3:59 AM, Simon Elliston Ball <
si...@simonellistonball.com> wrote:
> Correct, nested objects in lucene indexes lead to sub-documents, which
> leads to a massive drop in ingest and query rates, this is why the JSONMap
> parser for example deliberately flattens the Metorn JSON object. Before
> this decision was made, very early versions of OpenSOC nested enrichments
> for example, but performance became a challenge.
>
> Simon
>
>
> > On 21 Dec 2017, at 13:57, Ali Nazemian wrote:
> >
> > So Metron enrichment and indexer are not nested aware? Is there any plan
> to
> > add that to Metron in future?
> >
> > Cheers,
> > Ali
> >
> > On Fri, Dec 22, 2017 at 12:46 AM, Otto Fowler
> > wrote:
> >
> >> I believe right now you have to flatten.
> >> The jsonMap parser does this.
> >>
> >>
> >> On December 21, 2017 at 08:28:13, Ali Nazemian (alinazem...@gmail.com)
> >> wrote:
> >>
> >> Hi all,
> >>
> >>
> >> We have recently faced some data sources that generate data in a nested
> >> format. For example, AWS Cloudtrail generates data in the following JSON
> >> format:
> >>
> >> {
> >>
> >> "Records": [
> >>
> >> {
> >>
> >> "eventVersion": *"2.0"*,
> >>
> >> "userIdentity": {
> >>
> >> "type": *"IAMUser"*,
> >>
> >> "principalId": *"EX_PRINCIPAL_ID"*,
> >>
> >> "arn": *"arn:aws:iam::123456789012:user/Alice"*,
> >>
> >> "accessKeyId": *"EXAMPLE_KEY_ID"*,
> >>
> >> "accountId": *"123456789012"*,
> >>
> >> "userName": *"Alice"*
> >>
> >> },
> >>
> >> "eventTime": *"2014-03-07T21:22:54Z"*,
> >>
> >> "eventSource": *"ec2.amazonaws.com "*,
> >>
> >> "eventName": *"StartInstances"*,
> >>
> >> "awsRegion": *"us-east-2"*,
> >>
> >> "sourceIPAddress": *"205.251.233.176"*,
> >>
> >> "userAgent": *"ec2-api-tools 1.6.12.2"*,
> >>
> >> "requestParameters": {
> >>
> >> "instancesSet": {
> >>
> >> "items": [
> >>
> >> {
> >>
> >> "instanceId": *"i-ebeaf9e2"*
> >>
> >> }
> >>
> >> ]
> >>
> >> }
> >>
> >> },
> >>
> >> "responseElements": {
> >>
> >> "instancesSet": {
> >>
> >> "items": [
> >>
> >> {
> >>
> >> "instanceId": *"i-ebeaf9e2"*,
> >>
> >> "currentState": {
> >>
> >> "code": 0,
> >>
> >> "name": *"pending"*
> >>
> >> },
> >>
> >> "previousState": {
> >>
> >> "code": 80,
> >>
> >> "name": *"stopped"*
> >>
> >> }
> >>
> >> }
> >>
> >> ]
> >>
> >> }
> >>
> >> }
> >>
> >> }
> >>
> >> ]
> >>
> >> }
> >>
> >>
> >> We are able to make this as a flat JSON file. However, a nested object
> is
> >> supported by data backends in Metron (ES, ORC, etc.), so I was wondering
> >> whether with the current version of Metron we are able to index nested
> >> documents or we have to make it flat?
> >>
> >>
> >>
> >> Cheers,
> >>
> >> Ali
> >>
> >>
> >
> >
> > --
> > A.Nazemian
>
>
Re: Metron nested object
I’m all for adding extra stores, especially once we have separated indexing
topologies.
Druid (and therefore a ui based on superset) seems an obvious logical store to
me. That said, the scheme management starts to feel like it needs some thought
once we have enough range of schema sensitive stores (though I guess Druid is
no different from ES in that regard).
Simon
> On 11 Jan 2018, at 20:34, Andre wrote:
>
> Simon,
>
> With the risk of sounding like an heretic:
>
> Is there any particular reason Metron still considers ES as the
> "default"[1] fast access data store?
>
> Sometimes I wonder if we wouldn't be better off leveraging schema evolution
> friendly formats with UIs like SuperSets?
>
> Probably not as fast as ES but at least it would be one less development
> front to handle.
>
> Keen to hear your thoughts
>
>
> Cheers
>
>
>
> [1] I appreciate the architecture is flexible...
> [-] Apologies for the delay but I suspect my previous message got stuck in
> moderation
>
> On Fri, Dec 22, 2017 at 3:59 AM, Simon Elliston Ball <
> si...@simonellistonball.com> wrote:
>
>> Correct, nested objects in lucene indexes lead to sub-documents, which
>> leads to a massive drop in ingest and query rates, this is why the JSONMap
>> parser for example deliberately flattens the Metorn JSON object. Before
>> this decision was made, very early versions of OpenSOC nested enrichments
>> for example, but performance became a challenge.
>>
>> Simon
>>
>>
>>> On 21 Dec 2017, at 13:57, Ali Nazemian wrote:
>>>
>>> So Metron enrichment and indexer are not nested aware? Is there any plan
>> to
>>> add that to Metron in future?
>>>
>>> Cheers,
>>> Ali
>>>
>>> On Fri, Dec 22, 2017 at 12:46 AM, Otto Fowler
>>> wrote:
>>>
I believe right now you have to flatten.
The jsonMap parser does this.
On December 21, 2017 at 08:28:13, Ali Nazemian (alinazem...@gmail.com)
wrote:
Hi all,
We have recently faced some data sources that generate data in a nested
format. For example, AWS Cloudtrail generates data in the following JSON
format:
{
"Records": [
{
"eventVersion": *"2.0"*,
"userIdentity": {
"type": *"IAMUser"*,
"principalId": *"EX_PRINCIPAL_ID"*,
"arn": *"arn:aws:iam::123456789012:user/Alice"*,
"accessKeyId": *"EXAMPLE_KEY_ID"*,
"accountId": *"123456789012"*,
"userName": *"Alice"*
},
"eventTime": *"2014-03-07T21:22:54Z"*,
"eventSource": *"ec2.amazonaws.com "*,
"eventName": *"StartInstances"*,
"awsRegion": *"us-east-2"*,
"sourceIPAddress": *"205.251.233.176"*,
"userAgent": *"ec2-api-tools 1.6.12.2"*,
"requestParameters": {
"instancesSet": {
"items": [
{
"instanceId": *"i-ebeaf9e2"*
}
]
}
},
"responseElements": {
"instancesSet": {
"items": [
{
"instanceId": *"i-ebeaf9e2"*,
"currentState": {
"code": 0,
"name": *"pending"*
},
"previousState": {
"code": 80,
"name": *"stopped"*
}
}
]
}
}
}
]
}
We are able to make this as a flat JSON file. However, a nested object
>> is
supported by data backends in Metron (ES, ORC, etc.), so I was wondering
whether with the current version of Metron we are able to index nested
documents or we have to make it flat?
Cheers,
Ali
>>>
>>>
>>> --
>>> A.Nazemian
>>
>>
Re: Anand is a new Committer!
Thank you all. Regards, Anand On 1/11/18, 9:23 PM, "zeo...@gmail.com" wrote: >Welcome aboard, Anand! Congrats > >Jon > >On Thu, Jan 11, 2018 at 10:41 AM Otto Fowler >wrote: > >> Congratulations and welcome Anand! >> >> >> On January 11, 2018 at 09:29:24, Casey Stella (ceste...@gmail.com) wrote: >> >> The Project Management Committee (PMC) for Apache Metron has invited Anand >> Subramanian to become a committer and we are pleased to announce that they >> have accepted. >> >> Congratulations and welcome, Anand! >> > > >-- > >Jon
