[Intelmq-dev] EleasticSearch Know-How needed

Sebastian Wagner wagner at cert.at
Mon Mar 30 11:44:14 CEST 2020 

Hi all,

Good news, Stone Zach is able to make required changes for ElasticSearch
7, see
https://github.com/certtools/intelmq/issues/1479#issuecomment-605454294
and https://github.com/certtools/intelmq/pull/1513 - Thanks stone!

However the code for ES 7 is incompatible to the code for ES 5 and Stone
can only support the ES 7 code. That would mean that - if nothing
changes - the support for ES 5 would be probably dropped in the next
feature release (2.2.0).

In parallel to these efforts, I welcome the contribution by Filip to
document how IntelMQ can be used to feed ES via Redis + Logstash. Thanks!

Sebastian

On 3/20/20 4:20 PM, Sebastian Wagner wrote:
> Dear community,
>
> The ElasticSearch bots, tests and tools in IntelMQ need some maintenance
> which I am unable to provide. As ES is a very common tool I am sure that
> there is know-how available in the community and we are able to continue
> the support for it.
>
> The oldest know issue is a broken unittest:
> https://github.com/certtools/intelmq/issues/1480
>
> But there are also incompatibilties with current ElasticSearch version,
> e.g. I had problems with the elasticmapper tool using ES 7.6.1 (maybe
> easy to fix).
> Using 7.5.0 failed on the indices tests
> https://github.com/certtools/intelmq/issues/1479
>
> Further, the only supported elasticsearch python library version is
> currently 'elasticsearch>=5.0.0,<6.0.0' while the latest release is 7.6.0.
>
> Please consider contributing
>
> best regards
> Sebastian
>
>
> _______________________________________________
> Intelmq-dev mailing list
> Intelmq-dev at lists.cert.at
> https://lists.cert.at/cgi-bin/mailman/listinfo/intelmq-dev

-- 
// Sebastian Wagner <wagner at cert.at> - T: +43 1 5056416 7201
// CERT Austria - https://www.cert.at/
// Eine Initiative der nic.at GmbH - https://www.nic.at/
// Firmenbuchnummer 172568b, LG Salzburg

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20200330/a0b0af30/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/intelmq-dev/attachments/20200330/a0b0af30/attachment.sig>

More information about the Intelmq-dev mailing list