[GitHub] incubator-metron pull request #144: METRON-211 Enable creation of new Kafka ...

2016-06-06 Thread dlyle65535
Github user dlyle65535 commented on a diff in the pull request: https://github.com/apache/incubator-metron/pull/144#discussion_r65988591 --- Diff: metron-deployment/roles/metron_streaming/tasks/main.yml --- @@ -15,25 +15,18 @@ # limitations under the License. # ---

[GitHub] incubator-metron pull request #133: METRON-180 Granular Control of Component...

2016-06-06 Thread dlyle65535
Github user dlyle65535 commented on a diff in the pull request: https://github.com/apache/incubator-metron/pull/133#discussion_r65987913 --- Diff: metron-deployment/playbooks/metron_install.yml --- @@ -74,47 +83,115 @@ tags: - mysql-client -- hosts: sensors

[GitHub] incubator-metron pull request #145: METRON-212: Allow additional Elasticsear...

2016-06-06 Thread dlyle65535
GitHub user dlyle65535 opened a pull request: https://github.com/apache/incubator-metron/pull/145 METRON-212: Allow additional Elasticsearch templates to be loaded to the index Tested with quick-dev-platform. Currently this will allow the use of custom Elasticsearch templa

[GitHub] incubator-metron issue #133: METRON-180 Enable each component to be installe...

2016-06-06 Thread nickwallen
Github user nickwallen commented on the issue: https://github.com/apache/incubator-metron/pull/133 You can test this by, for example, choosing to install only one of the 'sensor' components and not the rest. Before you had to install all 'sensor' components. Should you want

[GitHub] incubator-metron pull request #144: METRON-211 Enable creation of new Kafka ...

2016-06-06 Thread nickwallen
GitHub user nickwallen opened a pull request: https://github.com/apache/incubator-metron/pull/144 METRON-211 Enable creation of new Kafka topics during deployment You can merge this pull request into a Git repository by running: $ git pull https://github.com/nickwallen/incubat

Re: Missing Disclaimer on Metron Website

2016-06-06 Thread Houshang Livian
Hi Taylor, We will add the disclaimer by end of the week. Thank you again for the mentoring. On 6/6/16, 10:14 AM, "P. Taylor Goetz" wrote: >Hey guys, > >I noticed the Metron website is missing the incubation disclaimer. > >According to the podling branding guidelines [1], the disclaimer is

[GitHub] incubator-metron issue #143: METRON-197: Validation should be the last step ...

2016-06-06 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/143 If a message or a tuple fails validation then the associated message should get routed to a dead letter queue. I believe there is a different PR that is required to get the dead lette

[GitHub] incubator-metron issue #143: METRON-197: Validation should be the last step ...

2016-06-06 Thread merrimanr
Github user merrimanr commented on the issue: https://github.com/apache/incubator-metron/pull/143 I was under the impression that validations should happen after the field transformations. Is that not the case? --- If your project is set up for it, you can reply to this email and ha

[GitHub] incubator-metron pull request #143: METRON-197: Validation should be the las...

2016-06-06 Thread merrimanr
Github user merrimanr commented on a diff in the pull request: https://github.com/apache/incubator-metron/pull/143#discussion_r65940558 --- Diff: metron-platform/metron-parsers/src/main/java/org/apache/metron/parsers/bolt/ParserBolt.java --- @@ -143,14 +140,14 @@ public void execu

Missing Disclaimer on Metron Website

2016-06-06 Thread P. Taylor Goetz
Hey guys, I noticed the Metron website is missing the incubation disclaimer. According to the podling branding guidelines [1], the disclaimer is required. Can someone make sure this gets added to the website? Thanks, -Taylor [1] http://incubator.apache.org/guides/branding.html

[GitHub] incubator-metron issue #143: METRON-197: Validation should be the last step ...

2016-06-06 Thread james-sirota
Github user james-sirota commented on the issue: https://github.com/apache/incubator-metron/pull/143 +1. This is a simple code change in the order of method calls. Builds and all tests pass

Re: [DISCUSS] Metron Rules Engine Name

2016-06-06 Thread George Vetticaden
I agree we need to rename this. I can see the DSL for the rule engine being used more than just triaging. Even now, I believe it is also being used for the parser transform, filter, validate work.. + 1 on the name Stellar.. On Jun 3, 2016, at 1:56 AM, James Sirota mailto:jsir...@apache.org>> wr

Re: ML features for Metron

2016-06-06 Thread Debojyoti Dutta
Thx Egon. The idea of labeled data collection is awesome, else we have to resort to unsupervised alone. Maybe one of the things the website could do is to point to labeled data contributed by users of Metron. On Mon, Jun 6, 2016 at 12:03 AM, Egon Kidmose wrote: > Hi all, > > I'd be interested in

Re: ML features for Metron

2016-06-06 Thread Debojyoti Dutta
Thanks Yazan ... these seem like great use cases. Online clustering/classification makes sense and Metron could leverage Spark On Sat, Jun 4, 2016 at 8:02 AM, Yazan Boshmaf wrote: > One use case of Apache Metron (or OpenSOC) is to analyze amplification DDoS > attacks

Re: ML features for Metron

2016-06-06 Thread Egon Kidmose
Hi all, I'd be interested in joining that discussion. I'm a PhD student applying ML in the security monitoring domain. It is my expectation that I'll be able to contribute with some event correlation and alert filtering methods. (Correlation: Finding events that are relevant to each other. Filteri