metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "" <>
Subject Re: [DISCUSS] Metron Release 0.6.0?
Date Wed, 15 Aug 2018 13:48:27 GMT
I agree - I would love to see a release not long after the PCAP FB gets
into master, and 0.6.0 makes sense to me.

I'd also like to see a 0.2 release of metron-bro-plugin-kafka.  There is
one new commit, and I have a PR open which is waiting on some tests before
it's ready to be evaluated/merged.  I will try to get that work done asap.
As of right now metron's dev ansible scripts pin to a specific release of
metron-bro-plugin-kafka (0.1
and I'm fine leaving that as is until after the coming release, but we
could also do a metron-bro-plugin-kafka release first and then update
metron to point the dev environment to the new package prior to the
upcoming RC.

I would also like to discuss what the roadmap looks like for a 1.0 release
and perhaps a more regular release schedule.  I have some thoughts but
don't want to hijack this thread.


On Wed, Aug 15, 2018 at 9:11 AM Justin Leet <> wrote:

> Hi all,
> It's been a little while since the last release, and a couple major items
> have gone in since then (or are hopefully close to going in!).  In
> particular, I'd personally like to see a release with our Solr work
> <> and the
> close-to-completion PCAP Query Panel
> <>.  There is a thread
> <
> >
> around what's left before merging the PCAP feature branch, I encourage you
> to take a look. There are also some nice-to-haves as well as some Apache
> cleanup around the RAT tool and typescript files
> <>.
> Version Number
> I'm proposing bumping to 0.6.0, in particular because of the Solr and PCAP
> efforts. We can adjust that as necessary.
> I'm proposing we release this from the Metron master branch, plus any
> commits the community considers necessary.  Note that I'm proposing that
> this release occur after the PCAP feature branch is merged into master.
> Proposed Timeframe
> I would tentatively like to start work on the RC Wednesday, September 5th.
> It's a little further out than usual, but I wanted to kick off the
> discussion before Labor Day and to give ongoing  time to settle. And also
> because I'll be unavailable around Labor Day.
> JIRA Status
> There are 31 open PRs at We should
> work on getting anything we feel merits inclusion closed out. Please
> respond with any tickets we'd like included.
> A couple of these are for the PCAP feature branch, and there will be at
> least one more for documentation.
> There will be updates necessary to get our Jira up to date.  I'll follow up
> on that, and ask that everyone double check their tickets.
> There have been 106 commits since the 0.5.0 release (listed at the end of
> message). There will be a few more when we pull in the PCAP feature branch.
> Completed PRs as of Aug 15 as generated by git log --pretty="%cr %s"
> tags/apache-metron-0.5.0-release..HEAD.
> 5 days ago METRON-1730: Update steps to run pycapa on Centos 6 (mmiklavc
> via mmiklavc) closes apache/metron#1152
> 13 days ago METRON-1701 Update General notes on the installation of Pycapa
> on Kerberized cluster (MohanDV via nickwallen) closes apache/metron#1136
> 3 weeks ago METRON-1650 Packaging docker containers are too large
> (jameslamb via merrimanr) closes apache/metron#1091
> 3 weeks ago METRON-1604 : Add RHEL 7 power pc to OS family for the HCP
> management pack repo info closes apache/incubator-metron#1052
> 3 weeks ago METRON-1687: Upgrade the rat plugin to 0.13-SNAPSHOT closes
> apache/incubator-metron#1126
> 3 weeks ago METRON-1694: Clean up Metron REST docs closes
> apache/incubator-metron#1131
> 4 weeks ago METRON-1606 Add a &apos;wrap&apos; to incoming messages in the
> metron json parser (ottobackwards) closes apache/metron#1054
> 4 weeks ago METRON-1672 Add metron-alerts&apos;s UI unit tests to travis
> build process (justinleet) closes apache/metron#1106
> 4 weeks ago METRON-1684 Fix Markdown problems in
> (justinleet) closes apache/metron#1110
> 4 weeks ago METRON-1657 Parser aggregation in storm (justinleet) closes
> apache/metron#1099
> 4 weeks ago METRON-1651 Fixing failing protractor e2e test (tiborm via
> merrimanr) closes apache/metron#1095
> 4 weeks ago METRON-1673 Fix Javadoc errors (justinleet) closes
> apache/metron#1107
> 4 weeks ago METRON-1620: Fixes for forensic clustering use case example
> (mmiklavc via mmiklavc) closes apache/metron#1065
> 4 weeks ago METRON-1659: The should check for the vagrant
> hostmanager plugin closes apache/incubator-metron#1100
> 4 weeks ago METRON-1658: Upgrade bro to 2.5.4 closes
> apache/incubator-metron#1101
> 4 weeks ago METRON-1236 Add start/stop/restart commands that execute
> successfully, when ambari agents run as non-root user closes
> apache/incubator-metron#1105
> 4 weeks ago METRON-1670: Stellar WEEK_OF_YEAR test is locale sensitive
> closes apache/incubator-metron#1104
> 5 weeks ago METRON-1660 On Solr, sorting by threat score fails (justinleet)
> closes apache/metron#1102
> 5 weeks ago METRON-1656 Create KAKFA_SEEK function (nickwallen) closes
> apache/metron#1097
> 5 weeks ago METRON-1644: Support parser chaining closes
> apache/incubator-metron#1084
> 5 weeks ago METRON-1655 Make REGEXP_MATCH take multiple regexs in the 2nd
> arg (ottobackwards) closes apache/metron#1098
> 6 weeks ago METRON-1643: Create a REGEX_ROUTING field transformation closes
> apache/incubator-metron#1083
> 6 weeks ago METRON-1652 Document X-Pack Common Problem (nickwallen) closes
> apache/metron#1092
> 6 weeks ago METRON-1649 Intermittent Test Failure
> ProfileBuilderBoltTest#testFlushExpiredProfiles (nickwallen) closes
> apache/metron#1090
> 6 weeks ago METRON-1635 Alerts UI status update doesn&apos;t immediately
> show up (merrimanr) closes apache/metron#1080
> 6 weeks ago METRON-1642: KafkaWriter should be able choose the topic from a
> field in addition to topology construction time closes
> apache/incubator-metron#1082
> 6 weeks ago METRON-1636: Fix broken unit test setup in metron-alerts closes
> apache/incubator-metron#1085
> 7 weeks ago METRON-1631 Alerts UI: Dash score does not show if only
> filtering by one group (sardell via merrimanr) closes apache/metron#1079
> 7 weeks ago METRON-1647 Fix logging level score closes
> apache/incubator-metron#1089
> 7 weeks ago METRON-1621: Sorting alerts table by score closes
> apache/incubator-metron#1088
> 7 weeks ago METRON-1619: Stellar empty collections should be considered
> false in boolean expressions closes apache/incubator-metron#1064
> 7 weeks ago METRON-1646 Sensor Stubs should work when kerberized
> (nickwallen) closes apache/metron#1087
> 7 weeks ago METRON-1645: Check wether the Solr management pack is installed
> before configuring the solr principal name. closes
> apache/incubator-metron#1086
> 7 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 7 weeks ago METRON-1634 Alerts UI add comment doesn&apos;t immediately show
> up. (merrimanr) closes apache/metron#1077
> 7 weeks ago METRON-1489 Retrofit UI tests to run reliably during nightly QE
> runs (sardell via nickwallen) closes apache/metron#1004
> 7 weeks ago METRON-1637 Wrong path to escalate alert REST endpoint
> (merrimanr) closes apache/metron#1078
> 8 weeks ago METRON-1624 Set Profiler and Enrichment batch parameters in
> Ambari (nickwallen) closes apache/metron#1069
> 8 weeks ago Merge remote-tracking branch 'origin/master' into
> feature/METRON-1416-upgrade-solr
> 8 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> (nickwallen) closes apache/metron#1075
> 8 weeks ago METRON-1629 Update Solr documentation (merrimanr via
> justinleet) closes apache/metron#1072
> 8 weeks ago METRON-1633 Incorrect instructions when merging PR into feature
> branch (nickwallen) closes apache/metron#1074
> 8 weeks ago METRON-1630 Add threat.triage.score.field to READMEs
> (merrimanr) closes apache/metron#1073
> 8 weeks ago METRON-1609 Elasticsearch settings in Ambari should not be
> required if Solr is the indexer (nickwallen) closes apache/metron#1056
> 8 weeks ago METRON-1627 Alerts UI: Metaalert details missing in details
> panel when trying to add alert to existing metaalert (sardell via
> justinleet) closes apache/metron#1070
> 8 weeks ago METRON-1625 Merge master into Solr feature branch (merrimanr)
> closes apache/metron#1067
> 8 weeks ago METRON-1626 Alerts UI: An empty result is returned when
> searching for a single alert contained in a metaalert (sardell via
> nickwallen) closes apache/metron#1068
> 8 weeks ago METRON-1611 Increment master version number to 0.5.1 for
> on-going development (justinleet) closes apache/metron#1057
> 8 weeks ago METRON-1622 Allow user to define global property
> 'threat.triage.score.field' in Ambari (nickwallen) closes
> apache/metron#1066
> 8 weeks ago METRON-1599 Allow user to define global property
> 'source.type.field' in Ambari (nickwallen) closes apache/metron#1047
> 8 weeks ago METRON-1616 Changing alert status fails if no metaalerts have
> been created yet (merrimanr) closes apache/metron#1061
> 8 weeks ago METRON-1573 Enhance KAFKA_* functions to return partition and
> offset details (nickwallen) closes apache/metron#1030
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago METRON-1617: Make threat triage score function with dots as
> well as colons closes apache/incubator-metron#1062
> 9 weeks ago METRON-1613 Metaalerts status update broken in Alerts UI
> (merrimanr) closes apache/metron#1059
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago METRON-1588 Migrate storm-kafka-client to 1.2.1 closes
> apache/incubator-metron#1039
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago Merge branch 'feature/METRON-1416-upgrade-solr' of
> into
> feature/METRON-1416-upgrade-solr
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 9 weeks ago METRON-1587 Make collection utility work for HDP search
> (merrimanr) closes apache/metron#1043
> 9 weeks ago METRON-1612 Fix website download links (justinleet) closes
> apache/metron#1058
> 9 weeks ago METRON-1608 Add configuration for threat.triage.field name
> (merrimanr) closes apache/metron#1055
> 10 weeks ago METRON-1585 SolrRetrieveLatestDao does not use the collection
> lookup (justinleet via merrimanr) closes apache/metron#1050
> 10 weeks ago METRON-1533 Create KAFKA_FIND Stellar Function (nickwallen)
> closes apache/metron#1025
> 10 weeks ago METRON-1601: Rename metaalert alert nested field to
> metron_alert to avoid collision closes apache/incubator-metron#1049
> 10 weeks ago METRON-1572 Enhance KAFKA_PUT function (nickwallen) closes
> apache/metron#1024
> 10 weeks ago METRON-1607 update public web site to point at 0.5.0 new
> release (justinleet) closes apache/metron#1053
> 10 weeks ago METRON-1568: Stellar should have a _ special variable which
> returns the message in map form closes apache/incubator-metron#1021
> 10 weeks ago METRON-1594: KafkaWriter is asynchronous and may lose data on
> node failure (mmiklavc via mmiklavc) closes apache/metron#1045
> 10 weeks ago METRON-1603: Fix multivalue field errors in Bro Solr schema
> (mmiklavc via mmiklavc) closes apache/metron#1051
> 10 weeks ago METRON-1584 Indexing Topology Crashes with Invalid Message
> (nickwallen) closes apache/metron#1036
> 2 months ago METRON-1547 Solr Comment Fields (justinleet) closes
> apache/metron#1037
> 2 months ago METRON-1553 Validate JIRA Script Error (nickwallen) closes
> apache/metron#1013
> 2 months ago METRON-1592 Unable to use third party parser with Storm
> versions >= 1.1.0 (nickwallen) closes apache/metron#1042
> 2 months ago METRON-1598 NoClassDefFoundError when running with
> Elasticsearch X-Pack (nickwallen) closes apache/metron#1048
> 2 months ago METRON-1589 '/api/v1/search/search' fails when 'Solr Zookeeper
> Urls' has comma separated multiple zookeeper urls (justinleet) closes
> apache/metron#1040
> 2 months ago METRON-1593 Setting Metron rest additional classpath removes
> HBase and Hadoop configs from classpath (merrimanr) closes
> apache/metron#1044
> 2 months ago METRON-1571 Correct KAFKA_TAIL Seek to End Logic (nickwallen)
> closes apache/metron#1023
> 3 months ago METRON-1579: Stellar should return the expression that failed
> in the exception closes apache/incubator-metron#1033
> 3 months ago METRON-1586 Defaulting for the source type field in alerts UI
> does not work (merrimanr via justinleet) closes apache/metron#1038
> 3 months ago METRON-1569: Allow user to change field name conversion when
> indexing to Elasticsearch (nickwallen via mmiklavc) closes
> apache/metron#1022
> 3 months ago METRON-1544 Flaky test:
> org.apache.metron.stellar.common.CachingStellarProcessorTest#testCaching
> (nickwallen) closes apache/metron#1015
> 3 months ago METRON-1580 Release candidate check script requires Bro Plugin
> (nickwallen via ottobackwards) closes apache/metron#1034
> 3 months ago METRON-1532 Getting started documentation improvements
> (sardell via nickwallen) closes apache/metron#1001
> 3 months ago METRON-1577 Solr searches don&apos;t include the index of the
> result (merrimanr) closes apache/metron#1031
> 3 months ago METRON-1421 Create a SolrMetaAlertDao (justinleet) closes
> apache/metron#970
> 3 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 3 months ago METRON-1567 Large error message can&apos;t be written in Solr
> (justinleet) closes apache/metron#1020
> 3 months ago METRON-1540 Solr Integration tests should use actual schemas
> (justinleet) closes apache/metron#1005
> 4 months ago Merge remote-tracking branch 'origin/master' into
> feature/METRON-1416-upgrade-solr
> 4 months ago METRON-1526 Location field types cause DocValuesField appear
> more than once error (merrimanr via justinleet) closes apache/metron#995
> 4 months ago METRON-1503 Alerts are not getting populated in alerts UI when
> search engine is Solr (merrimanr) closes apache/metron#975
> 5 months ago METRON-1424 Kerberos: Solr (merrimanr) closes
> apache/metron#960
> 5 months ago METRON-1482 Update REST to work with Solr (merrimanr) closes
> apache/metron#957
> 5 months ago METRON-1464 Convert schemas to be compatible with Solr 5.5.2
> (merrimanr) closes apache/metron#945
> 6 months ago METRON-1423 Ambari work to handle Solr configuration
> (merrimanr) closes apache/metron#934
> 6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 6 months ago METRON-1448: Update SolrWriter to conform to new collection
> strategy this closes apache/incubator-metron#929
> 6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 6 months ago Merge branch 'master' into feature/METRON-1416-upgrade-solr
> 6 months ago METRON-1441: Create complementary Solr schemas for the main
> sensors this closes apache/metron#922
> 6 months ago METRON-1436: Manually Install Solr Cloud in Full Dev (mmiklavc
> via mmiklavc) closes apache/metron#918
> 6 months ago METRON-1419: Create a SolrDao this closes
> apache/incubator-metron#911


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message