Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/958
I'm all set, +1. Thanks for this, it's great stuff.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/961
I'm +1 by inspection, assuming @cestella is good with the requested changes.
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r174488230
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/SendToKafka.java
---
@@ -0,0 +1,107
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r174468438
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/SendToKafka.java
---
@@ -0,0 +1,107
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173943133
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/monitor/AbstractMonitor.java
---
@@ -0,0 +1,49
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173921179
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/LoadOptions.java
---
@@ -0,0 +1,504
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173928192
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/monitor/writers/ConsoleWriter.java
---
@@ -0,0 +1,67
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173918861
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/LoadGenerator.java
---
@@ -0,0 +1,165
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173936212
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/sampler/BiasedSampler.java
---
@@ -0,0 +1,95
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173928769
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/monitor/writers/Writer.java
---
@@ -0,0 +1,91
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173926217
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/monitor/AbstractMonitor.java
---
@@ -0,0 +1,49
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173929511
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/monitor/writers/Writer.java
---
@@ -0,0 +1,91
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173933259
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/sampler/UnbiasedSampler.java
---
@@ -0,0 +1,28
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173930965
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/sampler/BiasedSampler.java
---
@@ -0,0 +1,95
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173917605
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/LoadGenerator.java
---
@@ -0,0 +1,165
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173917240
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/LoadGenerator.java
---
@@ -0,0 +1,165
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173918976
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/LoadGenerator.java
---
@@ -0,0 +1,165
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173925390
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/SendToKafka.java
---
@@ -0,0 +1,107
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173922548
--- Diff:
metron-contrib/metron-performance/src/main/java/org/apache/metron/performance/load/MessageGenerator.java
---
@@ -0,0 +1,48
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/958#discussion_r173924485
--- Diff:
metron-contrib/metron-performance/src/test/java/org/apache/metron/performance/load/SendToKafkaTest.java
---
@@ -0,0 +1,49
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
+1, I'm able to spin it up and query. Good job!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
Don't leave an extra square brace. Sigh. My bad
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
Error code is just a 400, btw.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
I'm unable to get a fairly basic query working. A matching doc exists,
based on querying solr directly. I assume I'm doing something obviously wrong
here?
```
{
"f
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
yeah, don't worry about it, it's not important, just a bit odd.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/941
No, that can wait for the follow-on ticket. Could you add a quick
one-sentence blurb about the ElasticsearchTestUtils in the README so things are
easier for anyone to test later
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/957
There's a bunch of @cestella commits in here. Do you need to merge
feature/METRON-1416-upgrade-solr into this PR?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/924
@cestella Bump
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/933
@mmiklavc @cestella Bump
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/941#discussion_r172318991
--- Diff: metron-contrib/metron-docker-e2e/README.md ---
@@ -0,0 +1,94 @@
+
+# Metron Docker
+
+Metron Docker E2E is a [Docker
Compose
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/941
I'm unable to get the integration tests running locally. I've been able to
get the docker containers up and running, but ES isn't exposed at localhost,
only through the explicit docker-machine
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/946
@mmiklavc I agree, as long as the user themselves is setting it up, I
believe that would solve the license problem. At least from my understanding
of things.
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/946#discussion_r171619920
--- Diff: metron-platform/elasticsearch-shaded/pom.xml ---
@@ -31,7 +43,7 @@
org.elasticsearch.client
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/946#discussion_r171617250
--- Diff: metron-platform/elasticsearch-shaded/pom.xml ---
@@ -31,7 +43,7 @@
org.elasticsearch.client
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/946#discussion_r171614360
--- Diff: metron-platform/elasticsearch-shaded/pom.xml ---
@@ -31,7 +43,7 @@
org.elasticsearch.client
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/938
+1, pending Travis. I think any look complaints after this are follow-on,
given that this addresses the main issues we wanted and has the updated mark.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/938
Yeah, I thought that was more of a third party thing. Admittedly, this seems at
(high) risk of becoming a bikeshed. I'd probably rather just use the main mark
(https://www.apache.org/foundation
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/938
The Apache logo image used is a bit outdated. Could you swap it with the
latest?
Looks like it's at https://www.apache.org/foundation/press/kit/#links. I
can only find it from
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/579
I'm still +1. This is really great, and everyone definitely appreciates
how much work went into improving this so much.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/579
@ctramnitz Just noticed this, but could you change the name of the PR to
match the Jira?
i.e.
> METRON-941 native PaloAlto parser corrupts message when having a comma in
the payload
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/579
I'm +1, this is definitely a major improvement and I agree, getting it
merged would be great. @simonellistonball Any comment as @ottobackwards asked,
or are we good to pull this in?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/579
from @ctramnitz on the PR I made against his branch.
> However, I'm not sure the result for is really as expected.
> It shouldn't be "<11>Jan 5 05:38:59 PAN1.exam
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/918
Thanks for the updates. I'm +1 on including this in the feature branch.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/918
I got full dev spun up with this, and it looks good. I think the
latest couple comments are still to be addressed, but otherwise good to go.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/911
I looked over the changes and refactor. Thanks a lot for taking care of
that, it looks a lot better and is definitely easier to grok, imo, than the old
way.
I'm +1 on merging
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/919
@ottobackwards Any objections to having the discussion outside of this and
merging this in as-is?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/919
Sidenote, do we want to move this script to the dev-utilities dir?
---
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/919
METRON-1439: Turn off git pager in platform-info script
## Contributor Comments
Just added a couple --no-pager args. Before you'd have to progress past
the couple git pages, now they should
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/918#discussion_r165192051
--- Diff: metron-platform/metron-solr/README.md ---
@@ -0,0 +1,52 @@
+
+# Solr in Metron
+
+## Table of Contents
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164847601
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164842112
--- Diff:
metron-platform/metron-solr/src/test/java/org/apache/metron/solr/integration/SolrSearchIntegrationTest.java
---
@@ -0,0 +1,152
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164840018
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164839532
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164841557
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrUpdateDao.java
---
@@ -0,0 +1,101 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164844818
--- Diff:
metron-platform/metron-indexing/src/main/java/org/apache/metron/indexing/dao/search/SearchDao.java
---
@@ -0,0 +1,34
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164840108
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164841286
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164842946
--- Diff:
metron-platform/metron-solr/src/test/java/org/apache/metron/solr/integration/components/SolrComponent.java
---
@@ -158,4 +162,16 @@ public
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164846538
--- Diff:
metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/SearchIntegrationTest.java
---
@@ -443,11 +495,11 @@ public void
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164838120
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrDao.java
---
@@ -0,0 +1,118 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164838944
--- Diff:
metron-platform/metron-solr/src/main/java/org/apache/metron/solr/dao/SolrSearchDao.java
---
@@ -0,0 +1,315 @@
+/**
+ * Licensed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/911#discussion_r164836556
--- Diff:
metron-platform/metron-indexing/src/test/java/org/apache/metron/indexing/dao/SearchIntegrationTest.java
---
@@ -655,83 +699,54 @@ public void
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/907#discussion_r163600063
--- Diff: metron-deployment/roles/ambari_config/vars/single_node_vm.yml ---
@@ -87,6 +87,11 @@ configurations:
supervisor.slots.ports: "
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/853
We're good on 1-4.
For point 5. I'd still like to see a note in the upgrading, even if it
gets removed when the more flexible store is added. I don't know when we'll get
around to using
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/902
I'm definitely fine with leaving HTML encoding to a follow-on.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/902
Re: the single quoting issue.
Avoiding the XML blob and using the main rest endpoint seems to kick back
actual quotation marks. Now you have to read JSON instead of XML, but it might
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/900
METRON-1411: Fix sed command in Upgrading.md
## Contributor Comments
The sed commands in Upgrading.md for the alert field can be problematic on
some versions of sed, including what's
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
+1, thanks for the hard work in getting everything cleaned up!
---
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/896
METRON-1396: Fix .gitignore files to not ignore themselves
## Contributor Comments
The relevant files are already in git, it's a trivial fix to just add the
reinclusion. See https://git
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
I ran this up and was able to complete the example and see the data flow
through to the alerts UI. Everything worked really well, and the instructions
were very clear.
I think once
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/879
I'm still +1 on this, thanks again.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/872
+1. Thanks for the contribution, this is valuable to have.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/893
+1 by inspection, thanks for the fix!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/853
To respond to the questions in the description (and maybe kick off
conversation, especially if anyone disagrees) + add my own thoughts. In no
particular order.
@merrimanr Let me know
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
I spun up master and this also occurs there. I'll create a JIRA for it.
+1, thanks for the improvement!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/853
@merrimanr Can you deconflict this?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
This happens intermittently for me. An error in the dev tools when hitting
`http://node1:4200/api/v1/storm/parser/start/bro` is:
```
(failed)
net::ERR_EMPTY_RESPONSE
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/879
@mmiklavc Check out
https://github.com/apache/metron/pull/882#issuecomment-356109443. Looks like
the squid mapping @cestella uses doesn't line up (which isn't terribly
surprising because
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/872
@cestella Any response to the comment by @ottobackwards ? I glanced over
it, and I like it and think it's valuable, but he's hitting at the core impl,
so I don't want to +1 anything.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/879
I spun this up in the context of the combined PR, and everything worked as
advertised, barring the UI because of ES5 issues. I was able to validate that
data flowed through as expected
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/880
I ran this up in the combined PR, and it worked really well. As noted on
that ticket, further changes are necessary in the instructions (to handle ES5),
but for this ticket looking in ES
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
I ran through the instructions. The new data flowing automatically into
the default ES mapping causes the problem that fielddata isn't true, so
grouping queries don't match on the squid index
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/882#discussion_r160245549
--- Diff: use-cases/typosquat_detection/README.md ---
@@ -0,0 +1,448 @@
+
+# Problem Statement
+
+[Typosquatting](https://en.wikipedia.org
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/882#discussion_r160241987
--- Diff: use-cases/typosquat_detection/README.md ---
@@ -0,0 +1,448 @@
+
+# Problem Statement
+
+[Typosquatting](https://en.wikipedia.org
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/840
At this point, I'm +1 since @merrimanr ran up the e2e tests. A couple
people have put a fair amount of testing into this, and it seems like at this
point we're at parity and not finding more
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/880#discussion_r160210633
--- Diff:
metron-platform/metron-enrichment/src/test/java/org/apache/metron/enrichment/stellar/ObjectGetTest.java
---
@@ -0,0 +1,91
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/879#discussion_r160177446
--- Diff:
metron-platform/metron-data-management/src/main/java/org/apache/metron/dataloads/nonbulk/flatfile/importer/AbstractLocalImporter.java
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/879#discussion_r160179259
--- Diff: metron-platform/metron-data-management/README.md ---
@@ -354,3 +357,91 @@ The parameters for the utility are as follows:
| -r
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/879#discussion_r160208209
--- Diff:
metron-platform/metron-data-management/src/main/java/org/apache/metron/dataloads/nonbulk/flatfile/writer/Writer.java
---
@@ -0,0 +1,34
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
Didn't see this happen while trying a second time, or with snort and
the logs don't seem to have anything interesting.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
Spun it up, noticed one other problem. Unfortunately, again, I'm not sure
if it's preexisting due to unfamiliarity. I stopped the bro topology (which was
successful), then I started it again. I
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
@merrimanr You are absolutely right, my bad. Turns out I am illiterate in
the morning.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
@merrimanr Are those fixes the sort of thing we can/should add e2e tests
for? I know those are flaky, but it seems like we should be able to have
semi-automated confirmation on the fixes.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
Yeah, 4 I'm definitely fine with being a separate PR. I'll spin this up
again quick and take another look.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/786
I took a swing through this, and generally this worked as expected. There
were a couple things in full dev that I'm not sure if they were preexisting or
not, just from unfamiliarity with how
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/840#discussion_r159866359
--- Diff: pom.xml ---
@@ -159,7 +159,7 @@
${global_surefire_version
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/886
+1 by inspection. Thanks for the fix!
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/840#discussion_r159681034
--- Diff: pom.xml ---
@@ -159,7 +159,7 @@
${global_surefire_version
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/869
I'm still +1 after the latest changes. Thanks @nickwallen!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/869
+1, pending Travis. Good job, this should be really helpful!
---