metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Leet <>
Subject [DISCUSS] Metron Release 0.6.0?
Date Wed, 15 Aug 2018 13:11:30 GMT
Hi all,

It's been a little while since the last release, and a couple major items
have gone in since then (or are hopefully close to going in!).  In
particular, I'd personally like to see a release with our Solr work
<> and the
close-to-completion PCAP Query Panel
<>.  There is a thread
around what's left before merging the PCAP feature branch, I encourage you
to take a look. There are also some nice-to-haves as well as some Apache
cleanup around the RAT tool and typescript files

Version Number
I'm proposing bumping to 0.6.0, in particular because of the Solr and PCAP
efforts. We can adjust that as necessary.

I'm proposing we release this from the Metron master branch, plus any
commits the community considers necessary.  Note that I'm proposing that
this release occur after the PCAP feature branch is merged into master.

Proposed Timeframe
I would tentatively like to start work on the RC Wednesday, September 5th.
It's a little further out than usual, but I wanted to kick off the
discussion before Labor Day and to give ongoing  time to settle. And also
because I'll be unavailable around Labor Day.

JIRA Status
There are 31 open PRs at We should
work on getting anything we feel merits inclusion closed out. Please
respond with any tickets we'd like included.

A couple of these are for the PCAP feature branch, and there will be at
least one more for documentation.

There will be updates necessary to get our Jira up to date.  I'll follow up
on that, and ask that everyone double check their tickets.

There have been 106 commits since the 0.5.0 release (listed at the end of
message). There will be a few more when we pull in the PCAP feature branch.

Completed PRs as of Aug 15 as generated by git log --pretty="%cr %s"

5 days ago METRON-1730: Update steps to run pycapa on Centos 6 (mmiklavc
via mmiklavc) closes apache/metron#1152
13 days ago METRON-1701 Update General notes on the installation of Pycapa
on Kerberized cluster (MohanDV via nickwallen) closes apache/metron#1136
3 weeks ago METRON-1650 Packaging docker containers are too large
(jameslamb via merrimanr) closes apache/metron#1091
3 weeks ago METRON-1604 : Add RHEL 7 power pc to OS family for the HCP
management pack repo info closes apache/incubator-metron#1052
3 weeks ago METRON-1687: Upgrade the rat plugin to 0.13-SNAPSHOT closes
3 weeks ago METRON-1694: Clean up Metron REST docs closes
4 weeks ago METRON-1606 Add a &apos;wrap&apos; to incoming messages in the
metron json parser (ottobackwards) closes apache/metron#1054
4 weeks ago METRON-1672 Add metron-alerts&apos;s UI unit tests to travis
build process (justinleet) closes apache/metron#1106
4 weeks ago METRON-1684 Fix Markdown problems in
(justinleet) closes apache/metron#1110
4 weeks ago METRON-1657 Parser aggregation in storm (justinleet) closes
4 weeks ago METRON-1651 Fixing failing protractor e2e test (tiborm via
merrimanr) closes apache/metron#1095
4 weeks ago METRON-1673 Fix Javadoc errors (justinleet) closes
4 weeks ago METRON-1620: Fixes for forensic clustering use case example
(mmiklavc via mmiklavc) closes apache/metron#1065
4 weeks ago METRON-1659: The should check for the vagrant
hostmanager plugin closes apache/incubator-metron#1100
4 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes
4 weeks ago METRON-1236 Add start/stop/restart commands that execute
successfully, when ambari agents run as non-root user closes
4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is locale sensitive
closes apache/incubator-metron#1104
5 weeks ago METRON-1660 On Solr, sorting by threat score fails (justinleet)
closes apache/metron#1102
5 weeks ago METRON-1656 Create KAKFA_SEEK function (nickwallen) closes
5 weeks ago METRON-1644: Support parser chaining closes
5 weeks ago METRON-1655 Make REGEXP_MATCH take multiple regexs in the 2nd
arg (ottobackwards) closes apache/metron#1098
6 weeks ago METRON-1643: Create a REGEX_ROUTING field transformation closes
6 weeks ago METRON-1652 Document X-Pack Common Problem (nickwallen) closes
6 weeks ago METRON-1649 Intermittent Test Failure
ProfileBuilderBoltTest#testFlushExpiredProfiles (nickwallen) closes
6 weeks ago METRON-1635 Alerts UI status update doesn&apos;t immediately
show up (merrimanr) closes apache/metron#1080
6 weeks ago METRON-1642: KafkaWriter should be able choose the topic from a
field in addition to topology construction time closes
6 weeks ago METRON-1636: Fix broken unit test setup in metron-alerts closes
7 weeks ago METRON-1631 Alerts UI: Dash score does not show if only
filtering by one group (sardell via merrimanr) closes apache/metron#1079
7 weeks ago METRON-1647 Fix logging level score closes
7 weeks ago METRON-1621: Sorting alerts table by score closes
7 weeks ago METRON-1619: Stellar empty collections should be considered
false in boolean expressions closes apache/incubator-metron#1064
7 weeks ago METRON-1646 Sensor Stubs should work when kerberized
(nickwallen) closes apache/metron#1087
7 weeks ago METRON-1645: Check wether the Solr management pack is installed
before configuring the solr principal name. closes
7 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
7 weeks ago METRON-1634 Alerts UI add comment doesn&apos;t immediately show
up. (merrimanr) closes apache/metron#1077
7 weeks ago METRON-1489 Retrofit UI tests to run reliably during nightly QE
runs (sardell via nickwallen) closes apache/metron#1004
7 weeks ago METRON-1637 Wrong path to escalate alert REST endpoint
(merrimanr) closes apache/metron#1078
8 weeks ago METRON-1624 Set Profiler and Enrichment batch parameters in
Ambari (nickwallen) closes apache/metron#1069
8 weeks ago Merge remote-tracking branch 'origin/master' into
8 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
(nickwallen) closes apache/metron#1075
8 weeks ago METRON-1629 Update Solr documentation (merrimanr via
justinleet) closes apache/metron#1072
8 weeks ago METRON-1633 Incorrect instructions when merging PR into feature
branch (nickwallen) closes apache/metron#1074
8 weeks ago METRON-1630 Add threat.triage.score.field to READMEs
(merrimanr) closes apache/metron#1073
8 weeks ago METRON-1609 Elasticsearch settings in Ambari should not be
required if Solr is the indexer (nickwallen) closes apache/metron#1056
8 weeks ago METRON-1627 Alerts UI: Metaalert details missing in details
panel when trying to add alert to existing metaalert (sardell via
justinleet) closes apache/metron#1070
8 weeks ago METRON-1625 Merge master into Solr feature branch (merrimanr)
closes apache/metron#1067
8 weeks ago METRON-1626 Alerts UI: An empty result is returned when
searching for a single alert contained in a metaalert (sardell via
nickwallen) closes apache/metron#1068
8 weeks ago METRON-1611 Increment master version number to 0.5.1 for
on-going development (justinleet) closes apache/metron#1057
8 weeks ago METRON-1622 Allow user to define global property
'threat.triage.score.field' in Ambari (nickwallen) closes apache/metron#1066
8 weeks ago METRON-1599 Allow user to define global property
'source.type.field' in Ambari (nickwallen) closes apache/metron#1047
8 weeks ago METRON-1616 Changing alert status fails if no metaalerts have
been created yet (merrimanr) closes apache/metron#1061
8 weeks ago METRON-1573 Enhance KAFKA_* functions to return partition and
offset details (nickwallen) closes apache/metron#1030
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago METRON-1617: Make threat triage score function with dots as
well as colons closes apache/incubator-metron#1062
9 weeks ago METRON-1613 Metaalerts status update broken in Alerts UI
(merrimanr) closes apache/metron#1059
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago METRON-1588 Migrate storm-kafka-client to 1.2.1 closes
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago Merge branch 'feature/METRON-1416-upgrade-solr' of into
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
9 weeks ago METRON-1587 Make collection utility work for HDP search
(merrimanr) closes apache/metron#1043
9 weeks ago METRON-1612 Fix website download links (justinleet) closes
9 weeks ago METRON-1608 Add configuration for threat.triage.field name
(merrimanr) closes apache/metron#1055
10 weeks ago METRON-1585 SolrRetrieveLatestDao does not use the collection
lookup (justinleet via merrimanr) closes apache/metron#1050
10 weeks ago METRON-1533 Create KAFKA_FIND Stellar Function (nickwallen)
closes apache/metron#1025
10 weeks ago METRON-1601: Rename metaalert alert nested field to
metron_alert to avoid collision closes apache/incubator-metron#1049
10 weeks ago METRON-1572 Enhance KAFKA_PUT function (nickwallen) closes
10 weeks ago METRON-1607 update public web site to point at 0.5.0 new
release (justinleet) closes apache/metron#1053
10 weeks ago METRON-1568: Stellar should have a _ special variable which
returns the message in map form closes apache/incubator-metron#1021
10 weeks ago METRON-1594: KafkaWriter is asynchronous and may lose data on
node failure (mmiklavc via mmiklavc) closes apache/metron#1045
10 weeks ago METRON-1603: Fix multivalue field errors in Bro Solr schema
(mmiklavc via mmiklavc) closes apache/metron#1051
10 weeks ago METRON-1584 Indexing Topology Crashes with Invalid Message
(nickwallen) closes apache/metron#1036
2 months ago METRON-1547 Solr Comment Fields (justinleet) closes
2 months ago METRON-1553 Validate JIRA Script Error (nickwallen) closes
2 months ago METRON-1592 Unable to use third party parser with Storm
versions >= 1.1.0 (nickwallen) closes apache/metron#1042
2 months ago METRON-1598 NoClassDefFoundError when running with
Elasticsearch X-Pack (nickwallen) closes apache/metron#1048
2 months ago METRON-1589 '/api/v1/search/search' fails when 'Solr Zookeeper
Urls' has comma separated multiple zookeeper urls (justinleet) closes
2 months ago METRON-1593 Setting Metron rest additional classpath removes
HBase and Hadoop configs from classpath (merrimanr) closes
2 months ago METRON-1571 Correct KAFKA_TAIL Seek to End Logic (nickwallen)
closes apache/metron#1023
3 months ago METRON-1579: Stellar should return the expression that failed
in the exception closes apache/incubator-metron#1033
3 months ago METRON-1586 Defaulting for the source type field in alerts UI
does not work (merrimanr via justinleet) closes apache/metron#1038
3 months ago METRON-1569: Allow user to change field name conversion when
indexing to Elasticsearch (nickwallen via mmiklavc) closes
3 months ago METRON-1544 Flaky test:
(nickwallen) closes apache/metron#1015
3 months ago METRON-1580 Release candidate check script requires Bro Plugin
(nickwallen via ottobackwards) closes apache/metron#1034
3 months ago METRON-1532 Getting started documentation improvements
(sardell via nickwallen) closes apache/metron#1001
3 months ago METRON-1577 Solr searches don&apos;t include the index of the
result (merrimanr) closes apache/metron#1031
3 months ago METRON-1421 Create a SolrMetaAlertDao (justinleet) closes
3 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
3 months ago METRON-1567 Large error message can&apos;t be written in Solr
(justinleet) closes apache/metron#1020
3 months ago METRON-1540 Solr Integration tests should use actual schemas
(justinleet) closes apache/metron#1005
4 months ago Merge remote-tracking branch 'origin/master' into
4 months ago METRON-1526 Location field types cause DocValuesField appear
more than once error (merrimanr via justinleet) closes apache/metron#995
4 months ago METRON-1503 Alerts are not getting populated in alerts UI when
search engine is Solr (merrimanr) closes apache/metron#975
5 months ago METRON-1424 Kerberos: Solr (merrimanr) closes apache/metron#960
5 months ago METRON-1482 Update REST to work with Solr (merrimanr) closes
5 months ago METRON-1464 Convert schemas to be compatible with Solr 5.5.2
(merrimanr) closes apache/metron#945
6 months ago METRON-1423 Ambari work to handle Solr configuration
(merrimanr) closes apache/metron#934
6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
6 months ago METRON-1448: Update SolrWriter to conform to new collection
strategy this closes apache/incubator-metron#929
6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
6 months ago METRON-1441: Create complementary Solr schemas for the main
sensors this closes apache/metron#922
6 months ago METRON-1436: Manually Install Solr Cloud in Full Dev (mmiklavc
via mmiklavc) closes apache/metron#918
6 months ago METRON-1419: Create a SolrDao this closes

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message