Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/803#discussion_r146964503
--- Diff:
metron-interface/metron-alerts/src/app/alerts/alerts-list/tree-view/tree-view.component.ts
---
@@ -337,12 +343,67 @@ export class
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/816
+1 by inspection, pending Travis
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/811
### Testing
Testing purely based on the REST API. Having said that, if you want to do
like @nickwallen did and pull in https://github.com/apache/metron/pull/803 into
the same branch, you
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/815
+1 by inspection. Thanks for grabbing this so quickly!
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/811#discussion_r146827154
--- Diff:
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java
---
@@ -295,19 +341,199
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/811#discussion_r146826488
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/files/bro_index.template
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/811
@nickwallen It's not a perfect solution, but I added the "source:type"
field for consistency and to allow for filtering and retrieval of just meta
alerts in an obvious way. S
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/811
Kick Travis
---
Github user justinleet closed the pull request at:
https://github.com/apache/metron/pull/811
---
GitHub user justinleet reopened a pull request:
https://github.com/apache/metron/pull/811
METRON-1272: Hide child alerts from searches and grouping if they belong to
meta alerts
## Contributor Comments
Adds the ability to hide alerts already contained in a meta alert from
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/811
METRON-1272: Hide child alerts from searches and grouping if they belong to
meta alerts
## Contributor Comments
Adds the ability to hide alerts already contained in a meta alert from
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/803
Potentially we want to expose some abstraction for the ES options for
missing field sorting (that I admittedly don't know exist in Solr).
https://www.elastic.co/guide/en/elasticsearch
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/806
+1 by inspection. Thanks for contributing!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/802
+1, thanks for this, it's good stuff
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/802#discussion_r145431927
--- Diff:
metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/805
It's actually easier than this to pull in a PR, for future reference
```
git fetch upstream pull/805/head:METRON-1261
git checkout METRON-1261
```
Assuming upstream
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/802#discussion_r145424998
--- Diff:
metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/802#discussion_r145393297
--- Diff:
metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/802#discussion_r145378015
--- Diff:
metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/802#discussion_r145372604
--- Diff:
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java
---
@@ -177,15 +178,18
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/788#discussion_r144293192
--- Diff:
metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
---
@@ -133,6 +173,40 @@ export class
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/798
To test this spin up full dev and go to the Swagger API.
An unquoted search can result in multiple results that only partially
match. These matches may be across sensors
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/798
METRON-1247: REST search and findOne endpoints return unexpected or
incorrect results for guids
## Contributor Comments
Updates documentation to have users surround GUIDs in double quotes
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/768
To handle the missing grouping aggregation.
https://www.elastic.co/guide/en/elasticsearch/reference/2.3/search-aggregations-bucket-missing-aggregation.html
I *think* this is a backend
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/788#discussion_r143161957
--- Diff:
metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
---
@@ -133,6 +173,40 @@ export class
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/788#discussion_r143157741
--- Diff:
metron-interface/metron-alerts/src/app/alerts/alert-details/alert-details.component.ts
---
@@ -133,6 +173,40 @@ export class
Github user justinleet closed the pull request at:
https://github.com/apache/metron/pull/780
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/780
Kicking Travis.
---
GitHub user justinleet reopened a pull request:
https://github.com/apache/metron/pull/780
METRON-1220: Create documentation around alert nested field
## Contributor Comments
Adding some docs around the requirement of an "alert" field on new sensors.
There
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/780#discussion_r143064409
--- Diff: README.md ---
@@ -118,3 +118,9 @@ Some useful utilities that cross all of these parts of
the architecture:
* [Model as a Service](metron
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/791
I'm good with where it's at now. The color is good to have. It's really
nice to have this well documented.
I'm +1, pending Travis. Although I'll be mildly impressed if you break
Travis
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/791#discussion_r143058611
--- Diff: metron-platform/metron-enrichment/README.md ---
@@ -25,9 +25,26 @@ defined by JSON documents stored in zookeeper.
There are two types
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/791
One more config I can think of that should be added.
`geo.hdfs.file` is also in the global config. It's in Ambari as
`geoip_url`.
It looks like a small blurb should probably
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/780
@nickwallen I figured out what the problem was. I'd replaced dashes with
spaces and lowercased it, but left the period in `2.x`. After removing the
period, links worked.
@cestella Added
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/767
@mattf-horton @ottobackwards Is there any more work for this?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/780
@cestella @nickwallen Hopefully took care of comments that don't involve
migrating wiki docs. Let me know if I looked over anything. Sidenote, does
anybody know how to actually link to a head
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/776
@DimDroll Thanks for creating the Jira. It's a pretty small thing, but it
helps keep everything consistent and makes it easy to compile and search on
during releases, etc.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/776
@simonellistonball Is that comment meant for
https://github.com/apache/metron/pull/775? I think you're on the wrong PR
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/776
@DimDroll Can you put the jira number at the front of the PR name like the
other PRs have please?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/776
+1, was able to see it work in Github's view. Thanks a lot for the fix.
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141473085
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -28,7 +87,7 @@
```
1. You can view the GUI @http://localhost:4200 . The default
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/773
+1, thanks for making the adjustments
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141471628
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -28,7 +87,7 @@
```
1. You can view the GUI @http://localhost:4200 . The default
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141461626
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -28,7 +87,7 @@
```
1. You can view the GUI @http://localhost:4200 . The default
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141461458
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -6,15 +6,74 @@
- [Installing on an existing Cluster](#installing-on-an-existing-cluster
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141460799
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -6,15 +6,74 @@
- [Installing on an existing Cluster](#installing-on-an-existing-cluster
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/773#discussion_r141460898
--- Diff: metron-interface/metron-alerts/README.md ---
@@ -6,15 +6,74 @@
- [Installing on an existing Cluster](#installing-on-an-existing-cluster
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/770
@nickwallen Updated the PR. The integration tests' initial doc check can
be timing sensitive, which was masked by the bogus `Thread.sleep` in the
`ElasticsearchDao`. Updated the test
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/770
Even if CI succeeds, please hold off on merging, I suspect that integration
tests may be a bit too timing dependent.
---
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/770
METRON-1202: ElasticsearchDao Has extraneous sleep call
## Contributor Comments
Less sleep and pointless test call, more performance.
Spin it up. Issue a patch, make sure it's
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/681
I'm on the side of holding off for an eventual follow-on regarding that
question, for the record.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/681
@cestella and @mattf-horton Do we care about the Infinity cases and
presumably an `IS_INFINITE()` in this PR, or are we okay with holding off until
a follow on is made?
Other than
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/681#discussion_r140489936
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/BasicStellarTest.java
---
@@ -251,6 +251,142 @@ public
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/681
@ottobackwards Could you deconflict this? It seems like semantic
conversation died down and hopefully we're at least mostly set since `IS_NAN()`
got added.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/757
Merged in master for extremely minor deconflict of `rest_commands.py` for
imports added on the same line.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/769
+1 by inspection. Thanks!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/760
Thanks for making the adjustments, @mmiklavc. I'm +1 on this. It's a
great step forward and gives a good foundation for future improvements we want
to make.
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/726#discussion_r140088458
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/profiler_master.py
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/757#discussion_r139957912
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/service_advisor.py
---
@@ -69,6 +69,10
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/757#discussion_r139943087
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/service_advisor.py
---
@@ -69,6 +69,10
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/757#discussion_r139942579
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/rest_commands.py
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/757#discussion_r139813301
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/rest_commands.py
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/766
METRON-1195: Meta alerts improperly handle updates to non nested alert field
## Contributor Comments
Fix to only calculate scores in the event that we've done something that
actually
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/619
As a note, this ticket is slightly impacted by the metaalerts backend
ticket (https://github.com/apache/metron/pull/734). The alerts field in the
various templates should be removed
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139547949
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/cli/ConfigurationManager.java
---
@@ -130,29 +201,39 @@ public void pull
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139526927
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/cli/ConfigurationManager.java
---
@@ -130,29 +201,39 @@ public void pull
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/757#discussion_r139246527
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/params/params_linux.py
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/763
@nickwallen Some of that is provided in metron-indexing/README.md, but I'm
definitely not opposed to fleshing that stuff out more.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/763
Correction to what I said earlier: the update side isn't directly actually
controlled by the `ElasticsearchMetaAlertDao` itself, it's controlled by the
`IndexDao`'s building of the document
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/763#discussion_r139225592
--- Diff:
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java
---
@@ -275,13 +275,13
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/763#discussion_r139225095
--- Diff:
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchMetaAlertDao.java
---
@@ -275,13 +275,13
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/763
METRON-1190: Fix Meta Alert Type handling in calculation of scores
## Contributor Comments
Migrating the create method to not pass anything as an object array and
instead to use a list
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/759
+1 by inspection. This is a good catch to have made, thanks!
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139172028
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -346,19 +434,56 @@ public
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139171388
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -226,6 +276,44 @@ public
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139171727
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -346,19 +434,56 @@ public
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139160248
--- Diff:
metron-deployment/packaging/ambari/metron-mpack/src/main/resources/common-services/METRON/CURRENT/package/scripts/enrichment_commands.py
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139170122
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -226,6 +276,44 @@ public
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139172458
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -401,7 +530,16 @@ else
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/760#discussion_r139170907
--- Diff:
metron-platform/metron-common/src/main/java/org/apache/metron/common/configuration/ConfigurationsUtils.java
---
@@ -226,6 +276,44 @@ public
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/757
As a note, the way I tested this was running it up in a CentOS 7 VM, along
with a couple changes to get things working:
* Turning off firewalld during spinup.
* Downgrading python.x86_64
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/755
I'm +1 with this (as a temporary measure to make things work), assuming
@ottobackwards and @nickwallen are as well.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/758
+1 by inspection pending Travis.
---
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/757
METRON-938: "service metron-rest start " does not work on CentOS
7.
## Contributor Comments
Moved things from an init script to Ambari, since we manage pretty much
everything thro
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/753
+1 by inspection. Thanks!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/734
@merrimanr Are you still +1 after the most recent changes before I commit
this?
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/752
I'm +1 by inspection, assuming all goes well with Travis. The changes
outside of a pure merge look pretty minor
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/734
@merrimanr I added in one fix for some typing on meta alert updates and
also merged in master and the group stuff
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/702
Updates look good.
I'm +1. Thanks again for contributing this.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/734
@merrimanr I added the timestamp field in the meta alert create with
current timestamp. Should take care of it lining up with the other sources.
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/734#discussion_r138046617
--- Diff:
metron-platform/metron-elasticsearch/src/test/java/org/apache/metron/elasticsearch/integration/ElasticsearchMetaAlertIntegrationTest.java
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/742
+1, thanks a lot for the contribution. And for catching that we never
actually had this
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/742#discussion_r137883199
--- Diff:
metron-stellar/stellar-common/src/test/java/org/apache/metron/stellar/dsl/functions/StringFunctionsTest.java
---
@@ -408,6 +408,19 @@ public
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/741
Adjusted to only catch the "Stream Closed" exception, not the general
IOException. If it's stream closed, attempt the rotate and write, otherwise
rethrow
---
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/734#discussion_r137874898
--- Diff: metron-interface/metron-rest/README.md ---
@@ -361,6 +363,21 @@ Request and Response objects are JSON formatted. The
JSON schemas
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/741
@ottobackwards From the ticket description, it looks like you thought there
was a more involved refactoring for doing something like this. Are you good
with this sort of solution (at least
GitHub user justinleet opened a pull request:
https://github.com/apache/metron/pull/741
METRON-1153 HDFS HdfsWriter never recovers from exceptions
## Contributor Comments
Added a try-catch around the actual write that will rotate the file and try
again if there's a stream
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/738
+1, pending Travis. Good catch, thanks a lot for the contribution.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/702
This is really good, thanks for the contribution! Are we intending (as a
follow-on activity), to enable something like top hits aggregation in here so
we can get the documents in the buckets
Github user justinleet commented on a diff in the pull request:
https://github.com/apache/metron/pull/702#discussion_r137762973
--- Diff:
metron-platform/metron-elasticsearch/src/main/java/org/apache/metron/elasticsearch/dao/ElasticsearchDao.java
---
@@ -330,43 +334,112 @@ public