Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
+1, thanks for the hard work in getting everything cleaned up!
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
I ran this up and was able to complete the example and see the data flow
through to the alerts UI. Everything worked really well, and the instructions
were very clear.
I think once the P
Github user cestella commented on the issue:
https://github.com/apache/metron/pull/882
@justinleet Instructions updated, good catch.
---
Github user justinleet commented on the issue:
https://github.com/apache/metron/pull/882
I ran through the instructions. The new data flowing automatically into
the default ES mapping causes the problem that fielddata isn't true, so
grouping queries don't match on the squid index and
