Github user MohanDV commented on a diff in the pull request:
https://github.com/apache/metron/pull/653#discussion_r127391226
--- Diff: metron-analytics/metron-profiler/README.md ---
@@ -69,7 +142,7 @@ More information on configuring and using the client can
be found [here](../metr
Github user MohanDV commented on a diff in the pull request:
https://github.com/apache/metron/pull/653#discussion_r127390120
--- Diff: metron-analytics/metron-profiler/README.md ---
@@ -6,36 +6,94 @@ This is achieved by summarizing the streaming telemetry
data consumed by Metron
Github user mraliagha commented on the issue:
https://github.com/apache/metron/pull/620
@iraghumitra You're welcome.
As a load balancer. For Elasticsearch client, if you provide a list of
endpoints, it acts as a load balancer to make sure one of them will not get
overwhelmed.
Github user bjigmp commented on a diff in the pull request:
https://github.com/apache/metron/pull/623#discussion_r127359171
--- Diff:
metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/utils/ParserUtils.java
---
@@ -55,7 +55,7 @@ public static Long convertToEpo
GitHub user nickwallen opened a pull request:
https://github.com/apache/metron/pull/655
Profiler Should be Less Dramatic When Missing Configuration
When the Profiler topology is running, but no Profiler definition is found
in Zookeeper, the Profiler will now just calmly log a warnin
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/642
Ok @cestella , I used the Stellar management functions :
```bash
[Stellar]>>> bro_parser_config:= CONFIG_GET('PARSER','bro')
[Stellar]>>> PARSER_STELLAR_TRANSFORM_PRINT( bro_parser_c
GitHub user merrimanr opened a pull request:
https://github.com/apache/metron/pull/654
METRON-1044: Disabled writers are not acking messages
## Contributor Comments
The PR fixes a bug in the indexing topology where a disabled writer will
cause messages to fail. This happens bec
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/642
And they do get returned from the rest api stellar controller
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project do
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127331446
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/RowKeyBuilderFactory.java
---
@@ -0,0 +1,125 @@
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127329675
--- Diff:
metron-analytics/metron-profiler-common/src/main/java/org/apache/metron/profiler/hbase/SaltyRowKeyBuilder.java
---
@@ -44,7 +46,17 @@
* g
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127326600
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/RowKeyBuilderFactory.java
---
@@ -0,0 +1,125 @@
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127326080
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/RowKeyBuilderFactory.java
---
@@ -0,0 +1,125 @@
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127325245
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/RowKeyBuilderFactory.java
---
@@ -0,0 +1,125 @@
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127330773
--- Diff:
metron-analytics/metron-profiler-common/src/main/java/org/apache/metron/profiler/hbase/DecodableRowKeyBuilder.java
---
@@ -0,0 +1,382 @@
+/
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127329289
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/RowKeyBuilderFactory.java
---
@@ -0,0 +1,125 @@
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127328660
--- Diff:
metron-analytics/metron-profiler-client/src/main/java/org/apache/metron/profiler/client/stellar/GetProfile.java
---
@@ -216,21 +211,7 @@ privat
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127329548
--- Diff:
metron-analytics/metron-profiler-common/src/main/java/org/apache/metron/profiler/hbase/DecodableRowKeyBuilder.java
---
@@ -0,0 +1,382 @@
+/
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127327990
--- Diff:
metron-analytics/metron-profiler/src/main/flux/profiler/remote.yaml ---
@@ -29,7 +29,7 @@ components:
- name: "saltDivisor"
Github user nickwallen commented on a diff in the pull request:
https://github.com/apache/metron/pull/622#discussion_r127327126
--- Diff:
metron-analytics/metron-profiler/src/main/flux/profiler/remote.yaml ---
@@ -29,7 +29,7 @@ components:
- name: "saltDivisor"
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/642
@cestella, I don't see my functions listed in the config ui, but they are
in the shell. That doesn't seem right?
---
If your project is set up for it, you can reply to this email and have you
Github user jjmeyer0 commented on the issue:
https://github.com/apache/metron/pull/652
@cestella I was wondering what you think about having a zip function that
we could pass a lambda to. It could potentially be nicer to read than combining
a `ZIP` with a `REDUCE`.
```
Z
Github user asfgit closed the pull request at:
https://github.com/apache/metron/pull/653
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enab
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/653
I have been able to follow these steps successfully in Full Dev
environment. Looking good to me.
---
If your project is set up for it, you can reply to this email and have your
reply appear on G
Github user mattf-horton commented on the issue:
https://github.com/apache/metron/pull/481
Before committing, I'm going to retest to make sure I'm not missing the
problems @ottobackwards saw. @dlyle65535 , also interested in your feedback if
you have time.
---
If your project is se
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/623
@bjigmp I'm fine with doing that later. If you add the comment I asked for
(honestly mostly because I personally had no idea what that method expected
until I looked at the method more) I'm +1, a
I agree to moving it to a contrib or contrib-like area.
Jon
On Thu, Jul 13, 2017 at 12:38 PM Kyle Richardson
wrote:
> I completely support the idea of moving metron-docker down in the tree. I
> do like the idea of a contrib/ area for things like this that are not as
> frequently updated or main
I could be convinced to get onboard with a contrib (or metron-contrib to
follow convention?) top-level directory. My only concern is that it might
become a dumping ground of random stuff. Maybe that concern is not
warranted.
On Thu, Jul 13, 2017 at 12:38 PM, Kyle Richardson wrote:
> I complete
Github user bjigmp commented on the issue:
https://github.com/apache/metron/pull/623
@justinleet I absolutely agree with you that this method must be rewritten
and probably moved to FireEye.
But my plan was to fix it/write unit test and then refactor it.
---
If your project is se
Github user mattf-horton commented on the issue:
https://github.com/apache/metron/pull/651
Har, I give up. POWER it is. I agree would be good to use @cestella 's
new framework, and see above review comments.
---
If your project is set up for it, you can reply to this email and have
Github user mattf-horton commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127277799
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -60,4 +60,38 @@ public boolean
Github user mattf-horton commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127279766
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/MathFunctionsTest.java
---
@@ -44,4 +44,16 @@ public void
Github user mattf-horton commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127279153
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/MathFunctionsTest.java
---
@@ -44,4 +44,16 @@ public void
Github user mattf-horton commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127277470
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -518,6 +519,13 @@ In the core language functions, we support basic
functional programming primi
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/642
Will do
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if t
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/651
@mattf-horton Actually, `**` and `math.exp()` are different; the first
being an arbitrary power function and the later presuming that we're taking a
power of `e` (i.e. `e**x == exp(x)` ). I did ad
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/653
Exactly
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the fe
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/653
Ah, sure. Creating the HBase table is described in the "Getting Started"
section, but that does seem to make more sense under "Installation" now. Will
do. Thanks
---
If your project is set up
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/653
Ok, so, installation via the rpm will drop unconfigured profiler.properties
(it refers to a hbase table that likely will not exist). Can you just make a
blurb that you will likely have to adjust th
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/653
Oh, like adjust the following in `profiler.properties`?
```
...
kafka.zk=node1:2181
kafka.broker=node1:6667
```
---
If your project is set up for it, you can reply to this
Github user mattf-horton commented on the issue:
https://github.com/apache/metron/pull/651
@simonellistonball , you're right, '**' would have been far more
appropriate given what most languages do. And I find your argument convincing
that the function form will be more familiar to ma
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/653
@cestella I am not following. Can you describe that a little more?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/653
Cool, can we get a blurb about adjusting configs to conform to your system,
etc. at the end of this? If so, I'm +1.
---
If your project is set up for it, you can reply to this email and have your
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/642
Ok, I dig this a lot. +1 by inspection. The only thing I ask is that
since you're adding a new dependency, would you ensure a smoketest in full-dev
and maybe pass through a couple of records with
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/636
Bear with me, @merrimanr, I am going to submit a PR with the DAO
abstraction I was talking about so we can hash it out. I started it in
collaboration with @justinleet to ensure the ideas in the mut
Github user simonellistonball commented on the issue:
https://github.com/apache/metron/pull/651
Yes, I think I'll just refactor this around #650 when that's committed to
keep the workflow simple.
---
If your project is set up for it, you can reply to this email and have your
reply ap
Github user simonellistonball closed the pull request at:
https://github.com/apache/metron/pull/651
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feat
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/649
+1 by inspection, nice work
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wis
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127268567
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -60,4 +60,38 @@ public boolean isIn
I completely support the idea of moving metron-docker down in the tree. I
do like the idea of a contrib/ area for things like this that are not as
frequently updated or maintained. Are there any other pieces of the code
base that would fit into this type of area?
-Kyle
On Thu, Jul 13, 2017 at 12:
On 2017-07-13 09:04, Nick Allen wrote:
Having metron-docker at the top-level of the project seems to catch the
attention of new users. Some then start using metron-docker to
explore/try-out/demo Metron.
The metron-docker code that we have is not well-suited for this
purpose.
It is only really
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/651
If we do decide to leave it in @simonellistonball you might want to base it
around #650, as you indicated. I added the 2 arg abstraction. This should
just be:
* Add an entry to MathOperations:
Github user simonellistonball commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127264326
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -60,4 +60,38 @@ public boo
Github user simonellistonball commented on the issue:
https://github.com/apache/metron/pull/651
I get the point @mattf-horton and thought about it, but went this way for
familiarity's sake, a lot of the likely authors of stellar statements are
security analysts who will be more famili
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/651
Yeah, that's an argument I was expecting. I'm torn. Yes, I'd prefer ^ or
**, but we're following java examples (except where we're following python
examples ;). I don't know, I'm torn and could b
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/651#discussion_r127263511
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -60,4 +60,38 @@ public boolean isIn
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/650
Ok, I broke this abstraction out a bit and made it easier to add
non-single-arg functions (a la POW, which is a separate PR by
@simonellistonball ). I also went ahead and added `ROUND` and `EXP`.
Github user mattf-horton commented on the issue:
https://github.com/apache/metron/pull/651
I would rather see this implemented as a `^` math operator rather than a
function, even though Java doesn't. Opinions?
---
If your project is set up for it, you can reply to this email and hav
I think that if it is not a ‘build breaking dependency’ it should be in a
/contrib area and not in deployment.
On July 13, 2017 at 12:05:00, Nick Allen (n...@nickallen.org) wrote:
Having metron-docker at the top-level of the project seems to catch the
attention of new users. Some then start usi
Having metron-docker at the top-level of the project seems to catch the
attention of new users. Some then start using metron-docker to
explore/try-out/demo Metron.
The metron-docker code that we have is not well-suited for this purpose.
It is only really useful for development. It is not regular
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127247191
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @@
im
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127245708
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @@
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127245624
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @@
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127245372
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import o
Github user simonellistonball commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127244811
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127242712
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import org.ap
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127242317
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import org.ap
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127242100
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import org.ap
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127240904
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @@
im
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/623#discussion_r127239592
--- Diff:
metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/utils/ParserUtils.java
---
@@ -55,7 +55,7 @@ public static Long convertT
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/623
Thanks for submitting this, and thanks for being patient. I took a look at
what the method was doing, and it seems like we could probably just cleanup
that method to something like:
```
Github user simonellistonball commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127239254
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/FunctionalFunctionsTest.java
---
@@ -24,13 +24,124 @
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/652
@nickwallen @ottobackwards A couple of modifications:
* I renamed `ZIP_JAGGED` to `ZIP_LONGEST` to conform more to python's
example
* I added links to more context in the documentation
*
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/652
Do we have good unit tests for the function's behavior with empty lists,
nulls and other boundary conditions?
---
If your project is set up for it, you can reply to this email and have your
reply
The metron-docker project isn’t really intended for a proper deployment. It’s
basically a dev tool for working on the front end pieces and quick
experimentation to be honest, the versions aren’t always updated that
frequently.
Specifically on the elastic and kibana versions, those are a little
GitHub user nickwallen opened a pull request:
https://github.com/apache/metron/pull/653
METRON-1040 Create Installation Instructions for the Profiler
Created additional instructions for installing the Profiler.
## Pull Request Checklist
- [ ] Is there a JIRA ticket ass
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/652
+1 - built + test travis style, ran stellar cli.
Nice work @cestella
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your
Hi,
I am working with metron-docker and i see that versions of ElasticSearch and
Kibana are old versions.
Is there any reason for this? Do you think there could be a problem if I
upgrade to newer versions both components?
Thanks!
P Please consider the environment before printing this e-mail.
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127232007
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -711,6 +713,18 @@ In the core language functions, we support basic
functional programming primitiv
Github user simonellistonball commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127231248
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -711,6 +713,18 @@ In the core language functions, we support basic
functional programming
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127230597
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -711,6 +713,18 @@ In the core language functions, we support basic
functional programming prim
Github user cestella commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127227967
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -711,6 +713,18 @@ In the core language functions, we support basic
functional programming primitiv
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/652#discussion_r127221448
--- Diff: metron-stellar/stellar-common/README.md ---
@@ -711,6 +713,18 @@ In the core language functions, we support basic
functional programming prim
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127220715
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import o
Github user ottobackwards commented on a diff in the pull request:
https://github.com/apache/metron/pull/650#discussion_r127220966
--- Diff:
metron-stellar/stellar-common/src/main/java/org/apache/metron/stellar/dsl/functions/MathFunctions.java
---
@@ -25,17 +25,39 @@
import o
Github user asfgit closed the pull request at:
https://github.com/apache/metron/pull/520
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enab
Github user asfgit closed the pull request at:
https://github.com/apache/metron/pull/648
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enab
Github user nickwallen commented on the issue:
https://github.com/apache/metron/pull/648
+1 Thanks for the fix, Simon
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and
GitHub user cestella opened a pull request:
https://github.com/apache/metron/pull/652
METRON-1039: Add ZIP function to Stellar
## Contributor Comments
Stellar could use a ZIP function i.e.
* `ZIP( [ 1, 2, 3], [ 4, 5, 6] ) == [ [1, 4], [2, 5], [3, 6] ]`
* `ZIP( [ 1, 2 ], [
Github user iraghumitra commented on the issue:
https://github.com/apache/metron/pull/620
@mraliagha Glad, it worked and thanks for persisting with the issue.
As for supporting multiple Elasticsearch urls. Are you looking for a load
balancer between two ES that has the same d
GitHub user simonellistonball opened a pull request:
https://github.com/apache/metron/pull/651
METRON-1037 Added POWER function
## Contributor Comments
This is a quick addition to the Math functions. It may be worth revising
following the work @cestella did this morning to
GitHub user cestella opened a pull request:
https://github.com/apache/metron/pull/650
METRON-1038: Stellar should have a better collection of basic math
operations
## Contributor Comments
At the moment the math functions are woefully incomplete.
We should add at least the o
Github user mraliagha commented on the issue:
https://github.com/apache/metron/pull/620
@iraghumitra I've just checked it again. It's working now. Perfect. Thanks.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your p
Github user iraghumitra commented on the issue:
https://github.com/apache/metron/pull/620
@mraliagha I can get them from ES as I mentioned in my earlier comments,
there was a bug in the code that was displaying only the fields names from bro
indexes. It is fixed in this [commit](046c2
93 matches
Mail list logo
