metron-dev mailing list archives

From merrimanr <>
Subject [GitHub] metron issue #734: METRON-1158: Build backend for grouping alerts into meta ...
Date Fri, 08 Sep 2017 21:11:37 GMT
Github user merrimanr commented on the issue:
    Great job on this. I spent a lot of time testing and had trouble finding anything wrong.
    The one thing I did notice was that the "timestamp" field was missing from documents in the
    metaalerts index. This is the field we commonly use for sorting, so we might want to consider
    adding it or switching our default sort field to "_timestamp" instead.

