You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@metron.apache.org by Matt Foley <ma...@apache.org> on 2018/01/04 21:11:40 UTC
[ANNOUNCE] Apache Metron release 0.4.2 and Apache Metron bro plugin
for Kafka release 0.1
Metron Community: Happy New Year.
I’m happy to announce the release of Metron 0.4.2. A great deal of work from across the community went into this, with over 100 enhancements, improvements, and bug fixes since 0.4.1. Thanks to all contributors, and may all users enjoy the new features!
This release also includes the first official release of the apache-metron-bro-plugin-kafka, version 0.1.
Details:
The official release source code tarballs may be obtained at any of the mirrors listed in
http://www.apache.org/dyn/closer.cgi/metron/0.4.2/
As usual, the secure signatures and confirming hashes may be obtained at
https://dist.apache.org/repos/dist/release/metron/0.4.2/
The release branches in github are
https://github.com/apache/metron/tree/Metron_0.4.2 (tag apache-metron-0.4.2-release)
https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1)
The release doc book is at http://metron.apache.org/current-book/index.html
The Apache Metron web site at http://metron.apache.org/ has been updated; please refresh your web browser cache if the new links do not immediately appear.
Change lists and Release Notes may be obtained at the same locations as the tarballs.
For your reading pleasure, the change list is appended to this message.
Best regards,
--Matt Foley
release manager
Metron CHANGES (in reverse chron order):
METRON-1373 RAT failure for metron-interface/metron-alerts (mattf-horton) closes apache/metron#875
METRON-1313 Update metron-deployment to use bro-pkg to install the kafka plugin (JonZeolla) closes apache/metron#847
METRON-1346 Add new PMC members to web site (ottobackwards) closes apache/metron#860
METRON-1336 Patching Can Result in Bad Configuration (nickwallen) closes apache/metron#851
METRON-1335 Install metron-maas-service RPM as a part of the full-dev deployment (anandsubbu via ottobackwards) closes apache/metron#850
METRON-1308 Fix Metron Documentation (JonZeolla) closes apache/metron#836
METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen) closes apache/metron#855
METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet) closes apache/metron#823
METRON-1334 Add C++11 Compliance Check to platform-info.sh (nickwallen) closes apache/metron#849
METRON-1277 Add match statement to Stellar language closes apache/incubator-metron#814
METRON-1239 Drop extra dev environments (nickwallen) closes apache/metron#852
METRON-1328 Enhance platform-info.sh script to check if docker daemon is running (anandsubbu via nickwallen) closes apache/metron#846
METRON-1333 Ansible-Docker can no longer build metron (ottobackwards) closes apache/metron#848
METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra via nickwallen) closes apache/metron#803
METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen) closes apache/metron#841
METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844
METRON-1319 Column Metadata REST service should use default indices on empty input (merrimanr) closes apache/metron#843
METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices (nickwallen) closes apache/metron#845
METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters Some Records (nickwallen) closes apache/metron#832
METRON-1294 IP addresses are not formatted correctly in facet and group results (merrimanr) closes apache/metron#827
METRON-1291 Kafka produce REST endpoint does not work in a Kerberized cluster (merrimanr) closes apache/metron#826
METRON-1290 Only first 10 alerts are update when a MetaAlert status is changed to inactive (justinleet) closes apache/metron#842
METRON-1311 Service Check Should Check Elasticsearch Index Templates (nickwallen) closes apache/metron#839
METRON-1289 Alert fields are lost when a MetaAlert is created (merrimanr) closes apache/metron#824
METRON-1309 Change metron-deployment to pull the plugin from apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837
METRON-1310 Template Delete Action Deletes Search Indices (nickwallen) closes apache/metron#838
METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833
METRON-1295 Unable to Configure Logging for REST API (nickwallen) closes apache/metron#828
METRON-1307 Force install of java8 since java9 does not appear to work with the scripts (brianhurley via ottobackwards) closes apache/metron#835
METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via cestella) closes apache/incubator-metron#829
METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr) closes apache/metron#821
METRON-1287 Full Dev Fails When Installing EPEL Repository (nickwallen) closes apache/metron#820
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page (iraghumitra via merrimanr) closes apache/metron#819
METRON-1283 Install Elasticsearch template as a part of the mpack startup scripts (anandsubbu via nickwallen) closes apache/metron#817
METRON-1254 Conditionals as map keys do not function in Stellar closes apache/incubator-metron#801
METRON-1261 Apply bro security patch (JonZeolla via ottobackwards) closes apache/metron#805
METRON-1284 Remove extraneous dead query in ElasticsearchDao (justinleet) closes apache/metron#818
METRON-1270 fix for warnings missing @return tag argument in metron-analytics/metron-profiler-common and metron-profiler-client closes apache/incubator-metron#810
METRON-1272 Hide child alerts from searches and grouping if they belong to meta alerts (justinleet) closes apache/metron#811
METRON-1224 Add time range selection to search control (iraghumitra via james-sirota) closes apache/metron#796
METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via justinleet) closes apache/metron#816
METRON-1243 Add a REST endpoint which allows us to get a list of all indice closes apache/incubator-metron#797
METRON-1196 Increment master version number to 0.4.2 for on-going development (mattf-horton) closes apache/metron#767
METRON-1278 Strip "Build Status" widget from root README.md in site-book build (mattf-horton) closes apache/metron#815
METRON-1274 Master has failure in StormControllerIntegrationTest (merrimanr) closes apache/metron#813
METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes apache/metron#809
METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen) closes apache/metron#804
METRON-1251 Typo and formatting fixes for metron-rest README closes apache/incubator-metron#800
METRON-1241 Enable the REST API to use a cache for the zookeeper config similar to the Bolts closes apache/incubator-metron#795
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page (merrimanr) closes apache/metron#808
METRON-1262 Unable to add comment for a alert in a meta-alert (merrimanr) closes apache/metron#806
METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via nickwallen) closes apache/metron#807
METRON-1255 MetaAlert search is not filtering on status (merrimanr) closes apache/metron#802
METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes apache/metron#799
METRON-1237 address javadoc warnings in metron-maas-common (dbist via james-sirota) closes apache/metron#792
METRON-1240 address javadoc warnings in metron-platform and metron-analytics (dbist via james-sirota) closes apache/metron#794
METRON-1226 Searching Can Errantly Query the Wrong Indices (nickwallen) closes apache/metron#793
METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes apache/metron#682
METRON-1123 Add group by option using faceted search capabilities of metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768
METRON-1223 Add support to add comments for alerts (iraghumitra via james-sirota) closes apache/metron#788
METRON-1083 Add filters using faceted search capabilities of metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710
METRON-1232 Alert status changes are not reflected in list view (iraghumitra via merrimanr) closes apache/metron#787
METRON-1247 REST search and findOne endpoints return unexpected or incorrect results for guids (justinleet) closes apache/metron#798
METRON-1235 Document the properties pulled from the global configuration closes apache/incubator-metron#791
METRON-1234 fix for WARNING 'dependencies.dependency.(groupId:artifactId:type:classifier)' must be unique: org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes apache/metron#790
METRON-1222 fix warning for The expression ${parent.version} is deprecated. Please use ${project.parent.version} instead. (dbist via mmiklavc) closes apache/metron#782
METRON-1220 Create documentation around alert nested field (justinleet) closes apache/metron#780
METRON-1229 Management UI type is part of the declarations of 2 modules (merrimanr) closes apache/metron#784
METRON-1228 Configuration Management PUSH immediately does DUMP after (mmiklavc via mmiklavc) closes apache/metron#783
METRON-1218 Metron REST should return better error messages (merrimanr) closes apache/metron#779
METRON-1161 Add ability to edit parser command line options in the management UI (merrimanr) closes apache/metron#737
METRON-1209 Make stellar repl take logging properties, like other CLI apps in metron closes apache/incubator-metron#772
METRON-1059 address checkstyle warning AvoidStarImport in metron-stellar (dbist via ottobackwards) closes apache/metron#664
METRON-1204 UI does not time out after being idle, but stops functioning (merrimanr) closes apache/metron#771
METRON-1052 Add forensic similarity hash functions to Stellar closes apache/incubator-metron#781
METRON-632 Added validation of "shew.enrichmentType" and "shew.keyColumns" closes apache/incubator-metron#732
METRON-1194 Add Profiler Debug Functions to Profiler README (nickwallen via ottobackwards) closes apache/metron#765
METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6 updates (lvets via ottobackwards) closes apache/metron#661
METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes apache/metron#681
METRON-1085 Add REST endpoint to save a user profile for the Alerts UI (merrimanr) closes apache/metron#694
METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778
METRON-1207 Make RPMs for Alerts UI (merrimanr) closes apache/metron#777
METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes apache/metron#776
METRON-1206 Make alerts UI conform to ops UI for install (merrimanr) closes apache/metron#773
METRON-1195 Meta alerts improperly handle updates to non-alert fields (justinleet) closes apache/metron#766
METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes apache/metron#762
METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen) closes apache/metron#733
METRON-1198 Pycapa - No such configuration property 'sasl.kerberos.principal' (nickwallen) closes apache/metron#769
METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet) closes apache/metron#770
METRON-938 "service metron-rest start <password>" does not work on CentOS 7. (justinleet) closes apache/metron#757
METRON-1182 Refactor Code in alert list to accommodate new view types (iraghumitra via merrimanr) closes apache/metron#756
METRON-1188 Ambari global configuration management (mmiklavc) closes apache/metron#760
METRON-1191 update public web site to point at 0.4.1 new release (mattf-horton) closes apache/metron#764
METRON-1063 address javadoc warnings in metron-stellar (dbist via ottobackwards) closes apache/metron#668
METRON-1190 Fix Meta Alert Type handling in calculation of scores (justinleet) closes apache/metron#763
METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly (nickwallen) closes apache/metron#759
METRON-1185 Stellar REPL does not work on a kerberized cluster when calling functions interacting with HBase closes apache/incubator-metron#755
METRON-1186 Profiler Functions use classutils from shaded storm closes apache/incubator-metron#758
METRON-1173 Fix pointers to old stellar docs closes apache/incubator-metron#746
METRON-1179 Make STATS_ADD to take a list closes apache/incubator-metron#750
METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list and not require a port closes apache/incubator-metron#751
METRON-1183 Improve KDC Setup Instructions (nickwallen) closes apache/metron#753
METRON-1177 Stale running topologies seen post-kerberization and cause exceptions (nickwallen) closes apache/metron#748
METRON-1158 Build backend for grouping alerts into meta alerts (justinleet) closes apache/metron#734
METRON-1146 Add ability to parse JSON string into JSONObject for stellar closes apache/incubator-metron#727
METRON-1176 REST: HDFS Service should support setting permissions on files when writing (ottobackwards) closes apache/metron#749
METRON-1114 Add group by capabilities to search REST endpoint (merrimanr) closes apache/metron#702
METRON-1167 Define Session Specific Global Configuration Values in the REPL (nickwallen) closes apache/metron#740
METRON-1171 Better validation for the SUBSTRING stellar function closes apache/incubator-metron#745
CHANGES.bro-plugin:
METRON-1329 Simplify metron-bro-plugin-kafka package loading (JonZeolla) closes apache/metron-bro-plugin-kafka#4
METRON-813 Migrate metron-bro-plugin-kafka to be a bro package (JonZeolla) closes apache/metron-bro-plugin-kafka#3
METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes apache/metron-bro-plugin-kafka#1
METRON-1173 Fix pointers to old stellar docs closes apache/incubator-metron#746
METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes apache/metron#547
METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins (nickwallen) closes apache/incubator-metron#545
METRON-867 In the event that we graduate, remove incubating from the website and documentation closes apache/incubator-metron#539
METRON-823 bro-plugin-kafka/README.md has Markdown usages not compatible with site-book closes apache/incubator-metron#511
METRON-812 Make the bro-kafka plugin work with kerberos this closes apache/incubator-metron#501
METRON-108 Create Fast Packet Capture Process (nickwallen) closes apache/incubator-metron#73
Re: [ANNOUNCE] Apache Metron release 0.4.2 and Apache Metron bro
plugin for Kafka release 0.1
Posted by Otto Fowler <ot...@gmail.com>.
Thank you Matt, and congratulations everyone!
On January 4, 2018 at 16:11:50, Matt Foley (mattf@apache.org) wrote:
Metron Community: Happy New Year.
I’m happy to announce the release of Metron 0.4.2. A great deal of work
from across the community went into this, with over 100 enhancements,
improvements, and bug fixes since 0.4.1. Thanks to all contributors, and
may all users enjoy the new features!
This release also includes the first official release of the
apache-metron-bro-plugin-kafka, version 0.1.
Details:
The official release source code tarballs may be obtained at any of the
mirrors listed in
http://www.apache.org/dyn/closer.cgi/metron/0.4.2/
As usual, the secure signatures and confirming hashes may be obtained at
https://dist.apache.org/repos/dist/release/metron/0.4.2/
The release branches in github are
https://github.com/apache/metron/tree/Metron_0.4.2 (tag
apache-metron-0.4.2-release)
https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1)
The release doc book is at http://metron.apache.org/current-book/index.html
The Apache Metron web site at http://metron.apache.org/ has been updated;
please refresh your web browser cache if the new links do not immediately
appear.
Change lists and Release Notes may be obtained at the same locations as the
tarballs.
For your reading pleasure, the change list is appended to this message.
Best regards,
--Matt Foley
release manager
Metron CHANGES (in reverse chron order):
METRON-1373 RAT failure for metron-interface/metron-alerts (mattf-horton)
closes apache/metron#875
METRON-1313 Update metron-deployment to use bro-pkg to install the kafka
plugin (JonZeolla) closes apache/metron#847
METRON-1346 Add new PMC members to web site (ottobackwards) closes
apache/metron#860
METRON-1336 Patching Can Result in Bad Configuration (nickwallen) closes
apache/metron#851
METRON-1335 Install metron-maas-service RPM as a part of the full-dev
deployment (anandsubbu via ottobackwards) closes apache/metron#850
METRON-1308 Fix Metron Documentation (JonZeolla) closes apache/metron#836
METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen) closes
apache/metron#855
METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet)
closes apache/metron#823
METRON-1334 Add C++11 Compliance Check to platform-info.sh (nickwallen)
closes apache/metron#849
METRON-1277 Add match statement to Stellar language closes
apache/incubator-metron#814
METRON-1239 Drop extra dev environments (nickwallen) closes
apache/metron#852
METRON-1328 Enhance platform-info.sh script to check if docker daemon is
running (anandsubbu via nickwallen) closes apache/metron#846
METRON-1333 Ansible-Docker can no longer build metron (ottobackwards)
closes apache/metron#848
METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra via
nickwallen) closes apache/metron#803
METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen)
closes apache/metron#841
METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844
METRON-1319 Column Metadata REST service should use default indices on
empty input (merrimanr) closes apache/metron#843
METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices
(nickwallen) closes apache/metron#845
METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters Some
Records (nickwallen) closes apache/metron#832
METRON-1294 IP addresses are not formatted correctly in facet and group
results (merrimanr) closes apache/metron#827
METRON-1291 Kafka produce REST endpoint does not work in a Kerberized
cluster (merrimanr) closes apache/metron#826
METRON-1290 Only first 10 alerts are update when a MetaAlert status is
changed to inactive (justinleet) closes apache/metron#842
METRON-1311 Service Check Should Check Elasticsearch Index Templates
(nickwallen) closes apache/metron#839
METRON-1289 Alert fields are lost when a MetaAlert is created (merrimanr)
closes apache/metron#824
METRON-1309 Change metron-deployment to pull the plugin from
apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837
METRON-1310 Template Delete Action Deletes Search Indices (nickwallen)
closes apache/metron#838
METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833
METRON-1295 Unable to Configure Logging for REST API (nickwallen) closes
apache/metron#828
METRON-1307 Force install of java8 since java9 does not appear to work with
the scripts (brianhurley via ottobackwards) closes apache/metron#835
METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via
cestella) closes apache/incubator-metron#829
METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr) closes
apache/metron#821
METRON-1287 Full Dev Fails When Installing EPEL Repository (nickwallen)
closes apache/metron#820
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page
(iraghumitra via merrimanr) closes apache/metron#819
METRON-1283 Install Elasticsearch template as a part of the mpack startup
scripts (anandsubbu via nickwallen) closes apache/metron#817
METRON-1254 Conditionals as map keys do not function in Stellar closes
apache/incubator-metron#801
METRON-1261 Apply bro security patch (JonZeolla via ottobackwards) closes
apache/metron#805
METRON-1284 Remove extraneous dead query in ElasticsearchDao (justinleet)
closes apache/metron#818
METRON-1270 fix for warnings missing @return tag argument in
metron-analytics/metron-profiler-common and metron-profiler-client closes
apache/incubator-metron#810
METRON-1272 Hide child alerts from searches and grouping if they belong to
meta alerts (justinleet) closes apache/metron#811
METRON-1224 Add time range selection to search control (iraghumitra via
james-sirota) closes apache/metron#796
METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via
justinleet) closes apache/metron#816
METRON-1243 Add a REST endpoint which allows us to get a list of all indice
closes apache/incubator-metron#797
METRON-1196 Increment master version number to 0.4.2 for on-going
development (mattf-horton) closes apache/metron#767
METRON-1278 Strip "Build Status" widget from root README.md in
site-book build (mattf-horton) closes apache/metron#815
METRON-1274 Master has failure in StormControllerIntegrationTest
(merrimanr) closes apache/metron#813
METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes
apache/metron#809
METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen) closes
apache/metron#804
METRON-1251 Typo and formatting fixes for metron-rest README closes
apache/incubator-metron#800
METRON-1241 Enable the REST API to use a cache for the zookeeper config
similar to the Bolts closes apache/incubator-metron#795
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page
(merrimanr) closes apache/metron#808
METRON-1262 Unable to add comment for a alert in a meta-alert (merrimanr)
closes apache/metron#806
METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via
nickwallen) closes apache/metron#807
METRON-1255 MetaAlert search is not filtering on status (merrimanr) closes
apache/metron#802
METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes
apache/metron#799
METRON-1237 address javadoc warnings in metron-maas-common (dbist via
james-sirota) closes apache/metron#792
METRON-1240 address javadoc warnings in metron-platform and
metron-analytics (dbist via james-sirota) closes apache/metron#794
METRON-1226 Searching Can Errantly Query the Wrong Indices (nickwallen)
closes apache/metron#793
METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes
apache/metron#682
METRON-1123 Add group by option using faceted search capabilities of
metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768
METRON-1223 Add support to add comments for alerts (iraghumitra via
james-sirota) closes apache/metron#788
METRON-1083 Add filters using faceted search capabilities of
metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710
METRON-1232 Alert status changes are not reflected in list view
(iraghumitra via merrimanr) closes apache/metron#787
METRON-1247 REST search and findOne endpoints return unexpected or
incorrect results for guids (justinleet) closes apache/metron#798
METRON-1235 Document the properties pulled from the global configuration
closes apache/incubator-metron#791
METRON-1234 fix for WARNING
'dependencies.dependency.(groupId:artifactId:type:classifier)' must be
unique: org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes
apache/metron#790
METRON-1222 fix warning for The expression ${parent.version} is deprecated.
Please use ${project.parent.version} instead. (dbist via mmiklavc) closes
apache/metron#782
METRON-1220 Create documentation around alert nested field (justinleet)
closes apache/metron#780
METRON-1229 Management UI type is part of the declarations of 2 modules
(merrimanr) closes apache/metron#784
METRON-1228 Configuration Management PUSH immediately does DUMP after
(mmiklavc via mmiklavc) closes apache/metron#783
METRON-1218 Metron REST should return better error messages (merrimanr)
closes apache/metron#779
METRON-1161 Add ability to edit parser command line options in the
management UI (merrimanr) closes apache/metron#737
METRON-1209 Make stellar repl take logging properties, like other CLI apps
in metron closes apache/incubator-metron#772
METRON-1059 address checkstyle warning AvoidStarImport in metron-stellar
(dbist via ottobackwards) closes apache/metron#664
METRON-1204 UI does not time out after being idle, but stops functioning
(merrimanr) closes apache/metron#771
METRON-1052 Add forensic similarity hash functions to Stellar closes
apache/incubator-metron#781
METRON-632 Added validation of "shew.enrichmentType" and "shew.keyColumns"
closes apache/incubator-metron#732
METRON-1194 Add Profiler Debug Functions to Profiler README (nickwallen via
ottobackwards) closes apache/metron#765
METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6 updates
(lvets via ottobackwards) closes apache/metron#661
METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes
apache/metron#681
METRON-1085 Add REST endpoint to save a user profile for the Alerts UI
(merrimanr) closes apache/metron#694
METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778
METRON-1207 Make RPMs for Alerts UI (merrimanr) closes apache/metron#777
METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes
apache/metron#776
METRON-1206 Make alerts UI conform to ops UI for install (merrimanr) closes
apache/metron#773
METRON-1195 Meta alerts improperly handle updates to non-alert fields
(justinleet) closes apache/metron#766
METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes
apache/metron#762
METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen) closes
apache/metron#733
METRON-1198 Pycapa - No such configuration property
'sasl.kerberos.principal' (nickwallen) closes apache/metron#769
METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet) closes
apache/metron#770
METRON-938 "service metron-rest start <password>" does not work on CentOS
7. (justinleet) closes apache/metron#757
METRON-1182 Refactor Code in alert list to accommodate new view types
(iraghumitra via merrimanr) closes apache/metron#756
METRON-1188 Ambari global configuration management (mmiklavc) closes
apache/metron#760
METRON-1191 update public web site to point at 0.4.1 new release
(mattf-horton) closes apache/metron#764
METRON-1063 address javadoc warnings in metron-stellar (dbist via
ottobackwards) closes apache/metron#668
METRON-1190 Fix Meta Alert Type handling in calculation of scores
(justinleet) closes apache/metron#763
METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly
(nickwallen) closes apache/metron#759
METRON-1185 Stellar REPL does not work on a kerberized cluster when calling
functions interacting with HBase closes apache/incubator-metron#755
METRON-1186 Profiler Functions use classutils from shaded storm closes
apache/incubator-metron#758
METRON-1173 Fix pointers to old stellar docs closes
apache/incubator-metron#746
METRON-1179 Make STATS_ADD to take a list closes
apache/incubator-metron#750
METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list and
not require a port closes apache/incubator-metron#751
METRON-1183 Improve KDC Setup Instructions (nickwallen) closes
apache/metron#753
METRON-1177 Stale running topologies seen post-kerberization and cause
exceptions (nickwallen) closes apache/metron#748
METRON-1158 Build backend for grouping alerts into meta alerts (justinleet)
closes apache/metron#734
METRON-1146 Add ability to parse JSON string into JSONObject for stellar
closes apache/incubator-metron#727
METRON-1176 REST: HDFS Service should support setting permissions on files
when writing (ottobackwards) closes apache/metron#749
METRON-1114 Add group by capabilities to search REST endpoint (merrimanr)
closes apache/metron#702
METRON-1167 Define Session Specific Global Configuration Values in the REPL
(nickwallen) closes apache/metron#740
METRON-1171 Better validation for the SUBSTRING stellar function closes
apache/incubator-metron#745
CHANGES.bro-plugin:
METRON-1329 Simplify metron-bro-plugin-kafka package loading (JonZeolla)
closes apache/metron-bro-plugin-kafka#4
METRON-813 Migrate metron-bro-plugin-kafka to be a bro package (JonZeolla)
closes apache/metron-bro-plugin-kafka#3
METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes
apache/metron-bro-plugin-kafka#1
METRON-1173 Fix pointers to old stellar docs closes
apache/incubator-metron#746
METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes
apache/metron#547
METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins
(nickwallen) closes apache/incubator-metron#545
METRON-867 In the event that we graduate, remove incubating from the
website and documentation closes apache/incubator-metron#539
METRON-823 bro-plugin-kafka/README.md has Markdown usages not compatible
with site-book closes apache/incubator-metron#511
METRON-812 Make the bro-kafka plugin work with kerberos this closes
apache/incubator-metron#501
METRON-108 Create Fast Packet Capture Process (nickwallen) closes
apache/incubator-metron#73
Re: [ANNOUNCE] Apache Metron release 0.4.2 and Apache Metron bro
plugin for Kafka release 0.1
Posted by Otto Fowler <ot...@gmail.com>.
Thank you Matt, and congratulations everyone!
On January 4, 2018 at 16:11:50, Matt Foley (mattf@apache.org) wrote:
Metron Community: Happy New Year.
I’m happy to announce the release of Metron 0.4.2. A great deal of work
from across the community went into this, with over 100 enhancements,
improvements, and bug fixes since 0.4.1. Thanks to all contributors, and
may all users enjoy the new features!
This release also includes the first official release of the
apache-metron-bro-plugin-kafka, version 0.1.
Details:
The official release source code tarballs may be obtained at any of the
mirrors listed in
http://www.apache.org/dyn/closer.cgi/metron/0.4.2/
As usual, the secure signatures and confirming hashes may be obtained at
https://dist.apache.org/repos/dist/release/metron/0.4.2/
The release branches in github are
https://github.com/apache/metron/tree/Metron_0.4.2 (tag
apache-metron-0.4.2-release)
https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1)
The release doc book is at http://metron.apache.org/current-book/index.html
The Apache Metron web site at http://metron.apache.org/ has been updated;
please refresh your web browser cache if the new links do not immediately
appear.
Change lists and Release Notes may be obtained at the same locations as the
tarballs.
For your reading pleasure, the change list is appended to this message.
Best regards,
--Matt Foley
release manager
Metron CHANGES (in reverse chron order):
METRON-1373 RAT failure for metron-interface/metron-alerts (mattf-horton)
closes apache/metron#875
METRON-1313 Update metron-deployment to use bro-pkg to install the kafka
plugin (JonZeolla) closes apache/metron#847
METRON-1346 Add new PMC members to web site (ottobackwards) closes
apache/metron#860
METRON-1336 Patching Can Result in Bad Configuration (nickwallen) closes
apache/metron#851
METRON-1335 Install metron-maas-service RPM as a part of the full-dev
deployment (anandsubbu via ottobackwards) closes apache/metron#850
METRON-1308 Fix Metron Documentation (JonZeolla) closes apache/metron#836
METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen) closes
apache/metron#855
METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet)
closes apache/metron#823
METRON-1334 Add C++11 Compliance Check to platform-info.sh (nickwallen)
closes apache/metron#849
METRON-1277 Add match statement to Stellar language closes
apache/incubator-metron#814
METRON-1239 Drop extra dev environments (nickwallen) closes
apache/metron#852
METRON-1328 Enhance platform-info.sh script to check if docker daemon is
running (anandsubbu via nickwallen) closes apache/metron#846
METRON-1333 Ansible-Docker can no longer build metron (ottobackwards)
closes apache/metron#848
METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra via
nickwallen) closes apache/metron#803
METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen)
closes apache/metron#841
METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844
METRON-1319 Column Metadata REST service should use default indices on
empty input (merrimanr) closes apache/metron#843
METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices
(nickwallen) closes apache/metron#845
METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters Some
Records (nickwallen) closes apache/metron#832
METRON-1294 IP addresses are not formatted correctly in facet and group
results (merrimanr) closes apache/metron#827
METRON-1291 Kafka produce REST endpoint does not work in a Kerberized
cluster (merrimanr) closes apache/metron#826
METRON-1290 Only first 10 alerts are update when a MetaAlert status is
changed to inactive (justinleet) closes apache/metron#842
METRON-1311 Service Check Should Check Elasticsearch Index Templates
(nickwallen) closes apache/metron#839
METRON-1289 Alert fields are lost when a MetaAlert is created (merrimanr)
closes apache/metron#824
METRON-1309 Change metron-deployment to pull the plugin from
apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837
METRON-1310 Template Delete Action Deletes Search Indices (nickwallen)
closes apache/metron#838
METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833
METRON-1295 Unable to Configure Logging for REST API (nickwallen) closes
apache/metron#828
METRON-1307 Force install of java8 since java9 does not appear to work with
the scripts (brianhurley via ottobackwards) closes apache/metron#835
METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via
cestella) closes apache/incubator-metron#829
METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr) closes
apache/metron#821
METRON-1287 Full Dev Fails When Installing EPEL Repository (nickwallen)
closes apache/metron#820
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page
(iraghumitra via merrimanr) closes apache/metron#819
METRON-1283 Install Elasticsearch template as a part of the mpack startup
scripts (anandsubbu via nickwallen) closes apache/metron#817
METRON-1254 Conditionals as map keys do not function in Stellar closes
apache/incubator-metron#801
METRON-1261 Apply bro security patch (JonZeolla via ottobackwards) closes
apache/metron#805
METRON-1284 Remove extraneous dead query in ElasticsearchDao (justinleet)
closes apache/metron#818
METRON-1270 fix for warnings missing @return tag argument in
metron-analytics/metron-profiler-common and metron-profiler-client closes
apache/incubator-metron#810
METRON-1272 Hide child alerts from searches and grouping if they belong to
meta alerts (justinleet) closes apache/metron#811
METRON-1224 Add time range selection to search control (iraghumitra via
james-sirota) closes apache/metron#796
METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via
justinleet) closes apache/metron#816
METRON-1243 Add a REST endpoint which allows us to get a list of all indice
closes apache/incubator-metron#797
METRON-1196 Increment master version number to 0.4.2 for on-going
development (mattf-horton) closes apache/metron#767
METRON-1278 Strip "Build Status" widget from root README.md in
site-book build (mattf-horton) closes apache/metron#815
METRON-1274 Master has failure in StormControllerIntegrationTest
(merrimanr) closes apache/metron#813
METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes
apache/metron#809
METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen) closes
apache/metron#804
METRON-1251 Typo and formatting fixes for metron-rest README closes
apache/incubator-metron#800
METRON-1241 Enable the REST API to use a cache for the zookeeper config
similar to the Bolts closes apache/incubator-metron#795
METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list page
(merrimanr) closes apache/metron#808
METRON-1262 Unable to add comment for a alert in a meta-alert (merrimanr)
closes apache/metron#806
METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via
nickwallen) closes apache/metron#807
METRON-1255 MetaAlert search is not filtering on status (merrimanr) closes
apache/metron#802
METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes
apache/metron#799
METRON-1237 address javadoc warnings in metron-maas-common (dbist via
james-sirota) closes apache/metron#792
METRON-1240 address javadoc warnings in metron-platform and
metron-analytics (dbist via james-sirota) closes apache/metron#794
METRON-1226 Searching Can Errantly Query the Wrong Indices (nickwallen)
closes apache/metron#793
METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes
apache/metron#682
METRON-1123 Add group by option using faceted search capabilities of
metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768
METRON-1223 Add support to add comments for alerts (iraghumitra via
james-sirota) closes apache/metron#788
METRON-1083 Add filters using faceted search capabilities of
metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710
METRON-1232 Alert status changes are not reflected in list view
(iraghumitra via merrimanr) closes apache/metron#787
METRON-1247 REST search and findOne endpoints return unexpected or
incorrect results for guids (justinleet) closes apache/metron#798
METRON-1235 Document the properties pulled from the global configuration
closes apache/incubator-metron#791
METRON-1234 fix for WARNING
'dependencies.dependency.(groupId:artifactId:type:classifier)' must be
unique: org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes
apache/metron#790
METRON-1222 fix warning for The expression ${parent.version} is deprecated.
Please use ${project.parent.version} instead. (dbist via mmiklavc) closes
apache/metron#782
METRON-1220 Create documentation around alert nested field (justinleet)
closes apache/metron#780
METRON-1229 Management UI type is part of the declarations of 2 modules
(merrimanr) closes apache/metron#784
METRON-1228 Configuration Management PUSH immediately does DUMP after
(mmiklavc via mmiklavc) closes apache/metron#783
METRON-1218 Metron REST should return better error messages (merrimanr)
closes apache/metron#779
METRON-1161 Add ability to edit parser command line options in the
management UI (merrimanr) closes apache/metron#737
METRON-1209 Make stellar repl take logging properties, like other CLI apps
in metron closes apache/incubator-metron#772
METRON-1059 address checkstyle warning AvoidStarImport in metron-stellar
(dbist via ottobackwards) closes apache/metron#664
METRON-1204 UI does not time out after being idle, but stops functioning
(merrimanr) closes apache/metron#771
METRON-1052 Add forensic similarity hash functions to Stellar closes
apache/incubator-metron#781
METRON-632 Added validation of "shew.enrichmentType" and "shew.keyColumns"
closes apache/incubator-metron#732
METRON-1194 Add Profiler Debug Functions to Profiler README (nickwallen via
ottobackwards) closes apache/metron#765
METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6 updates
(lvets via ottobackwards) closes apache/metron#661
METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes
apache/metron#681
METRON-1085 Add REST endpoint to save a user profile for the Alerts UI
(merrimanr) closes apache/metron#694
METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778
METRON-1207 Make RPMs for Alerts UI (merrimanr) closes apache/metron#777
METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes
apache/metron#776
METRON-1206 Make alerts UI conform to ops UI for install (merrimanr) closes
apache/metron#773
METRON-1195 Meta alerts improperly handle updates to non-alert fields
(justinleet) closes apache/metron#766
METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes
apache/metron#762
METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen) closes
apache/metron#733
METRON-1198 Pycapa - No such configuration property
'sasl.kerberos.principal' (nickwallen) closes apache/metron#769
METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet) closes
apache/metron#770
METRON-938 "service metron-rest start <password>" does not work on CentOS
7. (justinleet) closes apache/metron#757
METRON-1182 Refactor Code in alert list to accommodate new view types
(iraghumitra via merrimanr) closes apache/metron#756
METRON-1188 Ambari global configuration management (mmiklavc) closes
apache/metron#760
METRON-1191 update public web site to point at 0.4.1 new release
(mattf-horton) closes apache/metron#764
METRON-1063 address javadoc warnings in metron-stellar (dbist via
ottobackwards) closes apache/metron#668
METRON-1190 Fix Meta Alert Type handling in calculation of scores
(justinleet) closes apache/metron#763
METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly
(nickwallen) closes apache/metron#759
METRON-1185 Stellar REPL does not work on a kerberized cluster when calling
functions interacting with HBase closes apache/incubator-metron#755
METRON-1186 Profiler Functions use classutils from shaded storm closes
apache/incubator-metron#758
METRON-1173 Fix pointers to old stellar docs closes
apache/incubator-metron#746
METRON-1179 Make STATS_ADD to take a list closes
apache/incubator-metron#750
METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list and
not require a port closes apache/incubator-metron#751
METRON-1183 Improve KDC Setup Instructions (nickwallen) closes
apache/metron#753
METRON-1177 Stale running topologies seen post-kerberization and cause
exceptions (nickwallen) closes apache/metron#748
METRON-1158 Build backend for grouping alerts into meta alerts (justinleet)
closes apache/metron#734
METRON-1146 Add ability to parse JSON string into JSONObject for stellar
closes apache/incubator-metron#727
METRON-1176 REST: HDFS Service should support setting permissions on files
when writing (ottobackwards) closes apache/metron#749
METRON-1114 Add group by capabilities to search REST endpoint (merrimanr)
closes apache/metron#702
METRON-1167 Define Session Specific Global Configuration Values in the REPL
(nickwallen) closes apache/metron#740
METRON-1171 Better validation for the SUBSTRING stellar function closes
apache/incubator-metron#745
CHANGES.bro-plugin:
METRON-1329 Simplify metron-bro-plugin-kafka package loading (JonZeolla)
closes apache/metron-bro-plugin-kafka#4
METRON-813 Migrate metron-bro-plugin-kafka to be a bro package (JonZeolla)
closes apache/metron-bro-plugin-kafka#3
METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes
apache/metron-bro-plugin-kafka#1
METRON-1173 Fix pointers to old stellar docs closes
apache/incubator-metron#746
METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes
apache/metron#547
METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins
(nickwallen) closes apache/incubator-metron#545
METRON-867 In the event that we graduate, remove incubating from the
website and documentation closes apache/incubator-metron#539
METRON-823 bro-plugin-kafka/README.md has Markdown usages not compatible
with site-book closes apache/incubator-metron#511
METRON-812 Make the bro-kafka plugin work with kerberos this closes
apache/incubator-metron#501
METRON-108 Create Fast Packet Capture Process (nickwallen) closes
apache/incubator-metron#73
Re: [ANNOUNCE] Apache Metron release 0.4.2 and Apache Metron bro
plugin for Kafka release 0.1
Posted by Gaurav Bapat <ga...@gmail.com>.
Hi,
That's a great news!!
I am forwarding syslogs into Kafka through Nifi but I can't see the logs in
Kibana, I have added the CEF Parser with cef topic, is there any issue with
parsing and does the newer version directly parse and index telemetry in ES
and then to Kibana.
Request you to add Syslog Parser to make life easier.
Thanks,
Gaurav
On 5 January 2018 at 02:41, Matt Foley <ma...@apache.org> wrote:
> Metron Community: Happy New Year.
>
> I’m happy to announce the release of Metron 0.4.2. A great deal of work
> from across the community went into this, with over 100 enhancements,
> improvements, and bug fixes since 0.4.1. Thanks to all contributors, and
> may all users enjoy the new features!
>
> This release also includes the first official release of the
> apache-metron-bro-plugin-kafka, version 0.1.
>
> Details:
> The official release source code tarballs may be obtained at any of the
> mirrors listed in
> http://www.apache.org/dyn/closer.cgi/metron/0.4.2/
>
> As usual, the secure signatures and confirming hashes may be obtained at
> https://dist.apache.org/repos/dist/release/metron/0.4.2/
>
> The release branches in github are
> https://github.com/apache/metron/tree/Metron_0.4.2 (tag
> apache-metron-0.4.2-release)
> https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1)
>
> The release doc book is at http://metron.apache.org/
> current-book/index.html
> The Apache Metron web site at http://metron.apache.org/ has been updated;
> please refresh your web browser cache if the new links do not immediately
> appear.
>
> Change lists and Release Notes may be obtained at the same locations as
> the tarballs.
> For your reading pleasure, the change list is appended to this message.
>
> Best regards,
> --Matt Foley
> release manager
>
> Metron CHANGES (in reverse chron order):
> METRON-1373 RAT failure for metron-interface/metron-alerts
> (mattf-horton) closes apache/metron#875
> METRON-1313 Update metron-deployment to use bro-pkg to install the
> kafka plugin (JonZeolla) closes apache/metron#847
> METRON-1346 Add new PMC members to web site (ottobackwards) closes
> apache/metron#860
> METRON-1336 Patching Can Result in Bad Configuration (nickwallen)
> closes apache/metron#851
> METRON-1335 Install metron-maas-service RPM as a part of the full-dev
> deployment (anandsubbu via ottobackwards) closes apache/metron#850
> METRON-1308 Fix Metron Documentation (JonZeolla) closes
> apache/metron#836
> METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen)
> closes apache/metron#855
> METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet)
> closes apache/metron#823
> METRON-1334 Add C++11 Compliance Check to platform-info.sh
> (nickwallen) closes apache/metron#849
> METRON-1277 Add match statement to Stellar language closes
> apache/incubator-metron#814
> METRON-1239 Drop extra dev environments (nickwallen) closes
> apache/metron#852
> METRON-1328 Enhance platform-info.sh script to check if docker daemon
> is running (anandsubbu via nickwallen) closes apache/metron#846
> METRON-1333 Ansible-Docker can no longer build metron (ottobackwards)
> closes apache/metron#848
> METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra
> via nickwallen) closes apache/metron#803
> METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen)
> closes apache/metron#841
> METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844
> METRON-1319 Column Metadata REST service should use default indices on
> empty input (merrimanr) closes apache/metron#843
> METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices
> (nickwallen) closes apache/metron#845
> METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters
> Some Records (nickwallen) closes apache/metron#832
> METRON-1294 IP addresses are not formatted correctly in facet and
> group results (merrimanr) closes apache/metron#827
> METRON-1291 Kafka produce REST endpoint does not work in a Kerberized
> cluster (merrimanr) closes apache/metron#826
> METRON-1290 Only first 10 alerts are update when a MetaAlert status is
> changed to inactive (justinleet) closes apache/metron#842
> METRON-1311 Service Check Should Check Elasticsearch Index Templates
> (nickwallen) closes apache/metron#839
> METRON-1289 Alert fields are lost when a MetaAlert is created
> (merrimanr) closes apache/metron#824
> METRON-1309 Change metron-deployment to pull the plugin from
> apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837
> METRON-1310 Template Delete Action Deletes Search Indices (nickwallen)
> closes apache/metron#838
> METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833
> METRON-1295 Unable to Configure Logging for REST API (nickwallen)
> closes apache/metron#828
> METRON-1307 Force install of java8 since java9 does not appear to work
> with the scripts (brianhurley via ottobackwards) closes apache/metron#835
> METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via
> cestella) closes apache/incubator-metron#829
> METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr)
> closes apache/metron#821
> METRON-1287 Full Dev Fails When Installing EPEL Repository
> (nickwallen) closes apache/metron#820
> METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list
> page (iraghumitra via merrimanr) closes apache/metron#819
> METRON-1283 Install Elasticsearch template as a part of the mpack
> startup scripts (anandsubbu via nickwallen) closes apache/metron#817
> METRON-1254 Conditionals as map keys do not function in Stellar closes
> apache/incubator-metron#801
> METRON-1261 Apply bro security patch (JonZeolla via ottobackwards)
> closes apache/metron#805
> METRON-1284 Remove extraneous dead query in ElasticsearchDao
> (justinleet) closes apache/metron#818
> METRON-1270 fix for warnings missing @return tag argument in
> metron-analytics/metron-profiler-common and metron-profiler-client closes
> apache/incubator-metron#810
> METRON-1272 Hide child alerts from searches and grouping if they
> belong to meta alerts (justinleet) closes apache/metron#811
> METRON-1224 Add time range selection to search control (iraghumitra
> via james-sirota) closes apache/metron#796
> METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via
> justinleet) closes apache/metron#816
> METRON-1243 Add a REST endpoint which allows us to get a list of all
> indice closes apache/incubator-metron#797
> METRON-1196 Increment master version number to 0.4.2 for on-going
> development (mattf-horton) closes apache/metron#767
> METRON-1278 Strip "Build Status" widget from root README.md
> in site-book build (mattf-horton) closes apache/metron#815
> METRON-1274 Master has failure in StormControllerIntegrationTest
> (merrimanr) closes apache/metron#813
> METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes
> apache/metron#809
> METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen)
> closes apache/metron#804
> METRON-1251 Typo and formatting fixes for metron-rest README closes
> apache/incubator-metron#800
> METRON-1241 Enable the REST API to use a cache for the zookeeper
> config similar to the Bolts closes apache/incubator-metron#795
> METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list
> page (merrimanr) closes apache/metron#808
> METRON-1262 Unable to add comment for a alert in a meta-alert
> (merrimanr) closes apache/metron#806
> METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via
> nickwallen) closes apache/metron#807
> METRON-1255 MetaAlert search is not filtering on status (merrimanr)
> closes apache/metron#802
> METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes
> apache/metron#799
> METRON-1237 address javadoc warnings in metron-maas-common (dbist via
> james-sirota) closes apache/metron#792
> METRON-1240 address javadoc warnings in metron-platform and
> metron-analytics (dbist via james-sirota) closes apache/metron#794
> METRON-1226 Searching Can Errantly Query the Wrong Indices
> (nickwallen) closes apache/metron#793
> METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes
> apache/metron#682
> METRON-1123 Add group by option using faceted search capabilities of
> metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768
> METRON-1223 Add support to add comments for alerts (iraghumitra via
> james-sirota) closes apache/metron#788
> METRON-1083 Add filters using faceted search capabilities of
> metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710
> METRON-1232 Alert status changes are not reflected in list view
> (iraghumitra via merrimanr) closes apache/metron#787
> METRON-1247 REST search and findOne endpoints return unexpected or
> incorrect results for guids (justinleet) closes apache/metron#798
> METRON-1235 Document the properties pulled from the global
> configuration closes apache/incubator-metron#791
> METRON-1234 fix for WARNING 'dependencies.dependency.(
> groupId:artifactId:type:classifier)' must be unique:
> org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes
> apache/metron#790
> METRON-1222 fix warning for The expression ${parent.version} is
> deprecated. Please use ${project.parent.version} instead. (dbist via
> mmiklavc) closes apache/metron#782
> METRON-1220 Create documentation around alert nested field
> (justinleet) closes apache/metron#780
> METRON-1229 Management UI type is part of the declarations of 2
> modules (merrimanr) closes apache/metron#784
> METRON-1228 Configuration Management PUSH immediately does DUMP after
> (mmiklavc via mmiklavc) closes apache/metron#783
> METRON-1218 Metron REST should return better error messages
> (merrimanr) closes apache/metron#779
> METRON-1161 Add ability to edit parser command line options in the
> management UI (merrimanr) closes apache/metron#737
> METRON-1209 Make stellar repl take logging properties, like other CLI
> apps in metron closes apache/incubator-metron#772
> METRON-1059 address checkstyle warning AvoidStarImport in
> metron-stellar (dbist via ottobackwards) closes apache/metron#664
> METRON-1204 UI does not time out after being idle, but stops
> functioning (merrimanr) closes apache/metron#771
> METRON-1052 Add forensic similarity hash functions to Stellar closes
> apache/incubator-metron#781
> METRON-632 Added validation of "shew.enrichmentType" and
> "shew.keyColumns" closes apache/incubator-metron#732
> METRON-1194 Add Profiler Debug Functions to Profiler README
> (nickwallen via ottobackwards) closes apache/metron#765
> METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6
> updates (lvets via ottobackwards) closes apache/metron#661
> METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes
> apache/metron#681
> METRON-1085 Add REST endpoint to save a user profile for the Alerts UI
> (merrimanr) closes apache/metron#694
> METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778
> METRON-1207 Make RPMs for Alerts UI (merrimanr) closes
> apache/metron#777
> METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes
> apache/metron#776
> METRON-1206 Make alerts UI conform to ops UI for install (merrimanr)
> closes apache/metron#773
> METRON-1195 Meta alerts improperly handle updates to non-alert fields
> (justinleet) closes apache/metron#766
> METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes
> apache/metron#762
> METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen)
> closes apache/metron#733
> METRON-1198 Pycapa - No such configuration property
> 'sasl.kerberos.principal' (nickwallen) closes apache/metron#769
> METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet)
> closes apache/metron#770
> METRON-938 "service metron-rest start <password>" does not work on
> CentOS 7. (justinleet) closes apache/metron#757
> METRON-1182 Refactor Code in alert list to accommodate new view types
> (iraghumitra via merrimanr) closes apache/metron#756
> METRON-1188 Ambari global configuration management (mmiklavc) closes
> apache/metron#760
> METRON-1191 update public web site to point at 0.4.1 new release
> (mattf-horton) closes apache/metron#764
> METRON-1063 address javadoc warnings in metron-stellar (dbist via
> ottobackwards) closes apache/metron#668
> METRON-1190 Fix Meta Alert Type handling in calculation of scores
> (justinleet) closes apache/metron#763
> METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly
> (nickwallen) closes apache/metron#759
> METRON-1185 Stellar REPL does not work on a kerberized cluster when
> calling functions interacting with HBase closes apache/incubator-metron#755
> METRON-1186 Profiler Functions use classutils from shaded storm closes
> apache/incubator-metron#758
> METRON-1173 Fix pointers to old stellar docs closes
> apache/incubator-metron#746
> METRON-1179 Make STATS_ADD to take a list closes
> apache/incubator-metron#750
> METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list
> and not require a port closes apache/incubator-metron#751
> METRON-1183 Improve KDC Setup Instructions (nickwallen) closes
> apache/metron#753
> METRON-1177 Stale running topologies seen post-kerberization and cause
> exceptions (nickwallen) closes apache/metron#748
> METRON-1158 Build backend for grouping alerts into meta alerts
> (justinleet) closes apache/metron#734
> METRON-1146 Add ability to parse JSON string into JSONObject for
> stellar closes apache/incubator-metron#727
> METRON-1176 REST: HDFS Service should support setting permissions on
> files when writing (ottobackwards) closes apache/metron#749
> METRON-1114 Add group by capabilities to search REST endpoint
> (merrimanr) closes apache/metron#702
> METRON-1167 Define Session Specific Global Configuration Values in the
> REPL (nickwallen) closes apache/metron#740
> METRON-1171 Better validation for the SUBSTRING stellar function
> closes apache/incubator-metron#745
>
> CHANGES.bro-plugin:
> METRON-1329 Simplify metron-bro-plugin-kafka package loading
> (JonZeolla) closes apache/metron-bro-plugin-kafka#4
> METRON-813 Migrate metron-bro-plugin-kafka to be a bro package
> (JonZeolla) closes apache/metron-bro-plugin-kafka#3
> METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes
> apache/metron-bro-plugin-kafka#1
> METRON-1173 Fix pointers to old stellar docs closes
> apache/incubator-metron#746
> METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes
> apache/metron#547
> METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins
> (nickwallen) closes apache/incubator-metron#545
> METRON-867 In the event that we graduate, remove incubating from the
> website and documentation closes apache/incubator-metron#539
> METRON-823 bro-plugin-kafka/README.md has Markdown usages not
> compatible with site-book closes apache/incubator-metron#511
> METRON-812 Make the bro-kafka plugin work with kerberos this closes
> apache/incubator-metron#501
> METRON-108 Create Fast Packet Capture Process (nickwallen) closes
> apache/incubator-metron#73
>
>
>
>
Re: [ANNOUNCE] Apache Metron release 0.4.2 and Apache Metron bro
plugin for Kafka release 0.1
Posted by Gaurav Bapat <ga...@gmail.com>.
Hi,
I have deployed Metron with 16 GB RAM, but all components are losing
heartbeats and they dont go up
On 5 January 2018 at 02:41, Matt Foley <ma...@apache.org> wrote:
> Metron Community: Happy New Year.
>
> I’m happy to announce the release of Metron 0.4.2. A great deal of work
> from across the community went into this, with over 100 enhancements,
> improvements, and bug fixes since 0.4.1. Thanks to all contributors, and
> may all users enjoy the new features!
>
> This release also includes the first official release of the
> apache-metron-bro-plugin-kafka, version 0.1.
>
> Details:
> The official release source code tarballs may be obtained at any of the
> mirrors listed in
> http://www.apache.org/dyn/closer.cgi/metron/0.4.2/
>
> As usual, the secure signatures and confirming hashes may be obtained at
> https://dist.apache.org/repos/dist/release/metron/0.4.2/
>
> The release branches in github are
> https://github.com/apache/metron/tree/Metron_0.4.2 (tag
> apache-metron-0.4.2-release)
> https://github.com/apache/metron-bro-plugin-kafka/tree/0.1 (tag 0.1)
>
> The release doc book is at http://metron.apache.org/
> current-book/index.html
> The Apache Metron web site at http://metron.apache.org/ has been updated;
> please refresh your web browser cache if the new links do not immediately
> appear.
>
> Change lists and Release Notes may be obtained at the same locations as
> the tarballs.
> For your reading pleasure, the change list is appended to this message.
>
> Best regards,
> --Matt Foley
> release manager
>
> Metron CHANGES (in reverse chron order):
> METRON-1373 RAT failure for metron-interface/metron-alerts
> (mattf-horton) closes apache/metron#875
> METRON-1313 Update metron-deployment to use bro-pkg to install the
> kafka plugin (JonZeolla) closes apache/metron#847
> METRON-1346 Add new PMC members to web site (ottobackwards) closes
> apache/metron#860
> METRON-1336 Patching Can Result in Bad Configuration (nickwallen)
> closes apache/metron#851
> METRON-1335 Install metron-maas-service RPM as a part of the full-dev
> deployment (anandsubbu via ottobackwards) closes apache/metron#850
> METRON-1308 Fix Metron Documentation (JonZeolla) closes
> apache/metron#836
> METRON-1338 Rat Check Should Ignore Vagrant Retry Files (nickwallen)
> closes apache/metron#855
> METRON-1286 Add MIN & MAX Stellar functions (jasper-k via justinleet)
> closes apache/metron#823
> METRON-1334 Add C++11 Compliance Check to platform-info.sh
> (nickwallen) closes apache/metron#849
> METRON-1277 Add match statement to Stellar language closes
> apache/incubator-metron#814
> METRON-1239 Drop extra dev environments (nickwallen) closes
> apache/metron#852
> METRON-1328 Enhance platform-info.sh script to check if docker daemon
> is running (anandsubbu via nickwallen) closes apache/metron#846
> METRON-1333 Ansible-Docker can no longer build metron (ottobackwards)
> closes apache/metron#848
> METRON-1252 Build UI for grouping alerts into meta-alerts (iraghumitra
> via nickwallen) closes apache/metron#803
> METRON-1316 Fastcapa Fails to Compile in Test Environment (nickwallen)
> closes apache/metron#841
> METRON-1088 Upgrade bro to 2.5.2 (JonZeolla) closes apache/metron#844
> METRON-1319 Column Metadata REST service should use default indices on
> empty input (merrimanr) closes apache/metron#843
> METRON-1321 Metaalert Threat Score Type Does Not Match Sensor Indices
> (nickwallen) closes apache/metron#845
> METRON-1301 Alerts UI - Sorting on Triage Score Unexpectedly Filters
> Some Records (nickwallen) closes apache/metron#832
> METRON-1294 IP addresses are not formatted correctly in facet and
> group results (merrimanr) closes apache/metron#827
> METRON-1291 Kafka produce REST endpoint does not work in a Kerberized
> cluster (merrimanr) closes apache/metron#826
> METRON-1290 Only first 10 alerts are update when a MetaAlert status is
> changed to inactive (justinleet) closes apache/metron#842
> METRON-1311 Service Check Should Check Elasticsearch Index Templates
> (nickwallen) closes apache/metron#839
> METRON-1289 Alert fields are lost when a MetaAlert is created
> (merrimanr) closes apache/metron#824
> METRON-1309 Change metron-deployment to pull the plugin from
> apache/metron-bro-plugin-kafka (JonZeolla) closes apache/metron#837
> METRON-1310 Template Delete Action Deletes Search Indices (nickwallen)
> closes apache/metron#838
> METRON-1275 Fix Metron Documentation closes apache/incubator-metron#833
> METRON-1295 Unable to Configure Logging for REST API (nickwallen)
> closes apache/metron#828
> METRON-1307 Force install of java8 since java9 does not appear to work
> with the scripts (brianhurley via ottobackwards) closes apache/metron#835
> METRON-1296 Full Dev Fails to Deploy Index Templates (nickwallen via
> cestella) closes apache/incubator-metron#829
> METRON-1281 Remove hard-coded indices from the Alerts UI (merrimanr)
> closes apache/metron#821
> METRON-1287 Full Dev Fails When Installing EPEL Repository
> (nickwallen) closes apache/metron#820
> METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list
> page (iraghumitra via merrimanr) closes apache/metron#819
> METRON-1283 Install Elasticsearch template as a part of the mpack
> startup scripts (anandsubbu via nickwallen) closes apache/metron#817
> METRON-1254 Conditionals as map keys do not function in Stellar closes
> apache/incubator-metron#801
> METRON-1261 Apply bro security patch (JonZeolla via ottobackwards)
> closes apache/metron#805
> METRON-1284 Remove extraneous dead query in ElasticsearchDao
> (justinleet) closes apache/metron#818
> METRON-1270 fix for warnings missing @return tag argument in
> metron-analytics/metron-profiler-common and metron-profiler-client closes
> apache/incubator-metron#810
> METRON-1272 Hide child alerts from searches and grouping if they
> belong to meta alerts (justinleet) closes apache/metron#811
> METRON-1224 Add time range selection to search control (iraghumitra
> via james-sirota) closes apache/metron#796
> METRON-1280 0.4.1 -> 0.4.2 missed a couple of projects (cestella via
> justinleet) closes apache/metron#816
> METRON-1243 Add a REST endpoint which allows us to get a list of all
> indice closes apache/incubator-metron#797
> METRON-1196 Increment master version number to 0.4.2 for on-going
> development (mattf-horton) closes apache/metron#767
> METRON-1278 Strip "Build Status" widget from root README.md
> in site-book build (mattf-horton) closes apache/metron#815
> METRON-1274 Master has failure in StormControllerIntegrationTest
> (merrimanr) closes apache/metron#813
> METRON-1266 Profiler - SASL Authentication Failed (nickwallen) closes
> apache/metron#809
> METRON-1260 Include Alerts UI in Ambari Service Check (nickwallen)
> closes apache/metron#804
> METRON-1251 Typo and formatting fixes for metron-rest README closes
> apache/incubator-metron#800
> METRON-1241 Enable the REST API to use a cache for the zookeeper
> config similar to the Bolts closes apache/incubator-metron#795
> METRON-1267 Alerts UI returns a 404 when refreshing the alerts-list
> page (merrimanr) closes apache/metron#808
> METRON-1262 Unable to add comment for a alert in a meta-alert
> (merrimanr) closes apache/metron#806
> METRON-1263 Start Alerts UI service after Metron REST (anandsubbu via
> nickwallen) closes apache/metron#807
> METRON-1255 MetaAlert search is not filtering on status (merrimanr)
> closes apache/metron#802
> METRON-1249 Improve Metron MPack Service Checks (nickwallen) closes
> apache/metron#799
> METRON-1237 address javadoc warnings in metron-maas-common (dbist via
> james-sirota) closes apache/metron#792
> METRON-1240 address javadoc warnings in metron-platform and
> metron-analytics (dbist via james-sirota) closes apache/metron#794
> METRON-1226 Searching Can Errantly Query the Wrong Indices
> (nickwallen) closes apache/metron#793
> METRON-1081 Fix Alerts and Ops UI Notices file (james-sirota) closes
> apache/metron#682
> METRON-1123 Add group by option using faceted search capabilities of
> metron-rest-api (iraghumitra via james-sirota) closes apache/metron#768
> METRON-1223 Add support to add comments for alerts (iraghumitra via
> james-sirota) closes apache/metron#788
> METRON-1083 Add filters using faceted search capabilities of
> metron-rest-api (iraghumitra via james-sirota) closes apache/metron#710
> METRON-1232 Alert status changes are not reflected in list view
> (iraghumitra via merrimanr) closes apache/metron#787
> METRON-1247 REST search and findOne endpoints return unexpected or
> incorrect results for guids (justinleet) closes apache/metron#798
> METRON-1235 Document the properties pulled from the global
> configuration closes apache/incubator-metron#791
> METRON-1234 fix for WARNING 'dependencies.dependency.(
> groupId:artifactId:type:classifier)' must be unique:
> org.apache.hadoop:hadoop-yarn-api:jar (dbist via mmiklavc) closes
> apache/metron#790
> METRON-1222 fix warning for The expression ${parent.version} is
> deprecated. Please use ${project.parent.version} instead. (dbist via
> mmiklavc) closes apache/metron#782
> METRON-1220 Create documentation around alert nested field
> (justinleet) closes apache/metron#780
> METRON-1229 Management UI type is part of the declarations of 2
> modules (merrimanr) closes apache/metron#784
> METRON-1228 Configuration Management PUSH immediately does DUMP after
> (mmiklavc via mmiklavc) closes apache/metron#783
> METRON-1218 Metron REST should return better error messages
> (merrimanr) closes apache/metron#779
> METRON-1161 Add ability to edit parser command line options in the
> management UI (merrimanr) closes apache/metron#737
> METRON-1209 Make stellar repl take logging properties, like other CLI
> apps in metron closes apache/incubator-metron#772
> METRON-1059 address checkstyle warning AvoidStarImport in
> metron-stellar (dbist via ottobackwards) closes apache/metron#664
> METRON-1204 UI does not time out after being idle, but stops
> functioning (merrimanr) closes apache/metron#771
> METRON-1052 Add forensic similarity hash functions to Stellar closes
> apache/incubator-metron#781
> METRON-632 Added validation of "shew.enrichmentType" and
> "shew.keyColumns" closes apache/incubator-metron#732
> METRON-1194 Add Profiler Debug Functions to Profiler README
> (nickwallen via ottobackwards) closes apache/metron#765
> METRON-1055 Metron 0.4.0 manual installation guide for CentOS 6
> updates (lvets via ottobackwards) closes apache/metron#661
> METRON-1079 STELLAR NaN should be a keyword (ottobackwards) closes
> apache/metron#681
> METRON-1085 Add REST endpoint to save a user profile for the Alerts UI
> (merrimanr) closes apache/metron#694
> METRON-1208 MPack for Alerts UI (merrimanr) closes apache/metron#778
> METRON-1207 Make RPMs for Alerts UI (merrimanr) closes
> apache/metron#777
> METRON-1215 Fix link to RPMs chapter (DimDroll via justinleet) closes
> apache/metron#776
> METRON-1206 Make alerts UI conform to ops UI for install (merrimanr)
> closes apache/metron#773
> METRON-1195 Meta alerts improperly handle updates to non-alert fields
> (justinleet) closes apache/metron#766
> METRON-1189 Add alert escalation to the Alerts UI (merrimanr) closes
> apache/metron#762
> METRON-1156 Simulate Triage Rules in the Stellar REPL (nickwallen)
> closes apache/metron#733
> METRON-1198 Pycapa - No such configuration property
> 'sasl.kerberos.principal' (nickwallen) closes apache/metron#769
> METRON-1202 ElasticsearchDao Has extraneous sleep call (justinleet)
> closes apache/metron#770
> METRON-938 "service metron-rest start <password>" does not work on
> CentOS 7. (justinleet) closes apache/metron#757
> METRON-1182 Refactor Code in alert list to accommodate new view types
> (iraghumitra via merrimanr) closes apache/metron#756
> METRON-1188 Ambari global configuration management (mmiklavc) closes
> apache/metron#760
> METRON-1191 update public web site to point at 0.4.1 new release
> (mattf-horton) closes apache/metron#764
> METRON-1063 address javadoc warnings in metron-stellar (dbist via
> ottobackwards) closes apache/metron#668
> METRON-1190 Fix Meta Alert Type handling in calculation of scores
> (justinleet) closes apache/metron#763
> METRON-1187 Indexing/Profiler Kafka ACL Groups Not Setup Correctly
> (nickwallen) closes apache/metron#759
> METRON-1185 Stellar REPL does not work on a kerberized cluster when
> calling functions interacting with HBase closes apache/incubator-metron#755
> METRON-1186 Profiler Functions use classutils from shaded storm closes
> apache/incubator-metron#758
> METRON-1173 Fix pointers to old stellar docs closes
> apache/incubator-metron#746
> METRON-1179 Make STATS_ADD to take a list closes
> apache/incubator-metron#750
> METRON-1180 Make Stellar Shell accept zookeeper quorum as a CSV list
> and not require a port closes apache/incubator-metron#751
> METRON-1183 Improve KDC Setup Instructions (nickwallen) closes
> apache/metron#753
> METRON-1177 Stale running topologies seen post-kerberization and cause
> exceptions (nickwallen) closes apache/metron#748
> METRON-1158 Build backend for grouping alerts into meta alerts
> (justinleet) closes apache/metron#734
> METRON-1146 Add ability to parse JSON string into JSONObject for
> stellar closes apache/incubator-metron#727
> METRON-1176 REST: HDFS Service should support setting permissions on
> files when writing (ottobackwards) closes apache/metron#749
> METRON-1114 Add group by capabilities to search REST endpoint
> (merrimanr) closes apache/metron#702
> METRON-1167 Define Session Specific Global Configuration Values in the
> REPL (nickwallen) closes apache/metron#740
> METRON-1171 Better validation for the SUBSTRING stellar function
> closes apache/incubator-metron#745
>
> CHANGES.bro-plugin:
> METRON-1329 Simplify metron-bro-plugin-kafka package loading
> (JonZeolla) closes apache/metron-bro-plugin-kafka#4
> METRON-813 Migrate metron-bro-plugin-kafka to be a bro package
> (JonZeolla) closes apache/metron-bro-plugin-kafka#3
> METRON-1303 Reorganize the metron-bro-plugin-kafka (JonZeolla) closes
> apache/metron-bro-plugin-kafka#1
> METRON-1173 Fix pointers to old stellar docs closes
> apache/incubator-metron#746
> METRON-858 bro-plugin-kafka is throwing segfaults (JonZeolla) closes
> apache/metron#547
> METRON-883 Capture Bro Plugin Enhancements from bro/bro-plugins
> (nickwallen) closes apache/incubator-metron#545
> METRON-867 In the event that we graduate, remove incubating from the
> website and documentation closes apache/incubator-metron#539
> METRON-823 bro-plugin-kafka/README.md has Markdown usages not
> compatible with site-book closes apache/incubator-metron#511
> METRON-812 Make the bro-kafka plugin work with kerberos this closes
> apache/incubator-metron#501
> METRON-108 Create Fast Packet Capture Process (nickwallen) closes
> apache/incubator-metron#73
>
>
>
>