[GitHub] metron pull request #937: METRON-1455: Patch and Replace methods in the REST...
GitHub user cestella opened a pull request: https://github.com/apache/metron/pull/937 METRON-1455: Patch and Replace methods in the REST UpdateController return 400 ## Contributor Comments Shading and relocating the jackson library had the unexpected behavior of breaking patch requests in the REST API. The solution is that we moved the remaining patch functionality inside `JSONUtils` and stop relying on Jackson specific classes in our external API (e.g. `PatchRequest`). To exercise this behavior, from the alerts UI, click on an message and click "Escalate." From the console ensure that the patch request returns a 200 code rather than a 400 or 500 code. ## Pull Request Checklist Thank you for submitting a contribution to Apache Metron. Please refer to our [Development Guidelines](https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=61332235) for the complete guide to follow for contributions. Please refer also to our [Build Verification Guidelines](https://cwiki.apache.org/confluence/display/METRON/Verifying+Builds?show-miniview) for complete smoke testing guides. In order to streamline the review of the contribution we ask you follow these guidelines and ask you to double check the following: ### For all changes: - [x] Is there a JIRA ticket associated with this PR? If not one needs to be created at [Metron Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel). - [x] Does your PR title start with METRON- where is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character. - [x] Has your PR been rebased against the latest commit within the target branch (typically master)? ### For code changes: - [x] Have you included steps to reproduce the behavior or problem that is being changed or addressed? - [x] Have you included steps or a guide to how the change may be verified and tested manually? - [x] Have you ensured that the full suite of tests and checks have been executed in the root metron folder via: ``` mvn -q clean integration-test install && dev-utilities/build-utils/verify_licenses.sh ``` - [x] Have you written or updated unit tests and or integration tests to verify your changes? - [x] Have you verified the basic functionality of the build by building and running locally with Vagrant full-dev environment or the equivalent? Note: Please ensure that once the PR is submitted, you check travis-ci for build issues and submit an update to your PR as soon as possible. It is also recommended that [travis-ci](https://travis-ci.org) is set up for your personal repository such that your branches are built there before submitting a pull request. You can merge this pull request into a Git repository by running: $ git pull https://github.com/cestella/incubator-metron METRON-1455 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/metron/pull/937.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #937 commit cce8fda5557d9360e43de8a12443fa67d79e3681 Author: cstella Date: 2018-02-14T19:15:38Z METRON-1455: Patch and Replace methods in the REST UpdateController return 400 ---
[GitHub] metron issue #936: METRON-1450:Added documentation for random access and bat...
Github user MohanDV commented on the issue: https://github.com/apache/metron/pull/936 updated the main README for indexing ---
Re: [DISCUSS] community view/roadmap of threat intel
We used to install soltra edge in the old ansible builds (which have thankfully now been pared back in the interests of stability in full dev). Soltra has not been a good option since they went proprietary, so since then we’ve included opentaxii (BSD 3) as a discovery and aggregator. Most of the challenges are around licensing. Hippocampe is part of The Hive Project, which is AGPL, which is an apache category X license so can’t be included. Mindmeld is much better license-wise (Apache 2) so would be well worth community consideration. I kinda like it as a framework, but I for one would be very pleased to hear a broader community discussion around which platforms we should have integrations with via the threat intel loader, or even through a direct to hbase streaming connector. Simon > On 14 Feb 2018, at 03:13, Ali Nazemian wrote: > > Hi All, > > I would like to understand Metron community view on Threat Intel > aggregators as well as the roadmap of threat intelligence and threat > hunting. There are some open source options available regarding threat > intel aggregator such as Minemeld, Hippocampe, etc. Is there any plan to > build that as a part of Metron in future? Is there any specific aggregator > you think would be more aligned with Metron roadmap? > > Cheers, > Ali
[GitHub] metron issue #936: METRON-1450:Added documentation for random access and bat...
Github user JonZeolla commented on the issue: https://github.com/apache/metron/pull/936 Yes ---