Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/579
I'm still +1. This is really great, and everyone definitely appreciates
how much work went into improving this so much.
---
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/579
+1 one. Thank you @ctramnitz. I know how it can be to have a long review
process. This is really good work and I look forward to seeing what you do
next ;)
---
Github user ctramnitz commented on the issue:
https://github.com/apache/metron/pull/579
No it's not a requirement. The parser will continue to work the same way as
it did before if you feed it a full syslog line including header. (Which
wouldn't produce a valid domain field, but
Github user ottobackwards commented on the issue:
https://github.com/apache/metron/pull/579
maybe regression isn't the right word -
"Until we have something generic to (pre-)parse syslog before it reaches
the message parser I assumed the messages will be stripped off the syslog
Github user ctramnitz commented on the issue:
https://github.com/apache/metron/pull/579
@ottobackwards Where is the regression? If a user used the parser
previously with a full syslog header it will continue to work the same way. The
result will be the same odd domain field ", 1"
