Merge pull request #118 from guilhemmarchand/version_1220

Version 1.2.20

docs/configuration.rst

@@ -114,7 +114,7 @@ Finally, in addition the following macro is used within the searches, and can be
     iseval = 0
 
 Activation of built-in alerts
-============================
+=============================
 
 **TrackMe provides out of the box alerts that can be used to deliver alerting when a monitored component reaches a red state:**
 

docs/releasenotes.rst

@@ -1,12 +1,31 @@
 Release notes
 #############
 
+Version 1.2.20
+==============
+
+**CAUTION:**
+
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
+
+- Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
+- Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
+
+TrackMe requires a summary index (defaults to trackme_summary) and a metric index (defaults to trackme_metrics):
+https://trackme.readthedocs.io/en/latest/configuration.html
+
+- Fix: getlistdef.py custom command fails with a Python decode error if running in a Python3 only instance
+- Fix: Allowlist / Blacklist and similar deletion checkbox may fail to refresh the window content properly upon record(s) deletion
+- Change: UI rendering improvements
+- Fix: For metric hosts, logical group mapping generates false positive status flipping events, blue hosts should not appear in single count of hosts in alert, refresh button should respect the current blue status 
+- Fix: For data hosts, logical group mapping (blue hosts) should not appear in single count of hosts in alert, refresh button should respect the current blue status
+
 Version 1.2.19
 ==============
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -28,7 +47,7 @@ Version 1.2.18
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -47,7 +66,7 @@ Version 1.2.17
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -67,7 +86,7 @@ Version 1.2.16
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -93,7 +112,7 @@ Version 1.2.15
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -110,7 +129,7 @@ Version 1.2.14
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -127,7 +146,7 @@ Version 1.2.13
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -152,7 +171,7 @@ Version 1.2.11
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -178,7 +197,7 @@ Version 1.2.10
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -204,7 +223,7 @@ Version 1.2.9
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -223,7 +242,7 @@ Version 1.2.8
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -245,7 +264,7 @@ Version 1.2.7
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -266,7 +285,7 @@ Version 1.2.5
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -281,7 +300,7 @@ Version 1.2.4
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -295,7 +314,7 @@ Version 1.2.3
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -309,7 +328,7 @@ Version 1.2.2
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -329,7 +348,7 @@ Version 1.2.1
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890
@@ -349,7 +368,7 @@ Version 1.2.0
 
 **CAUTION:**
 
-This is a new main release branch, TrackMe 1.2.x require the deployment of the following dependencies:
+This is a new main release branch, TrackMe 1.2.x requires the deployment of the following dependencies:
 
 - Semicircle Donut Chart Viz, Splunk Base: https://splunkbase.splunk.com/app/4378
 - Splunk Machine Learning Toolkit, Splunk Base: https://splunkbase.splunk.com/app/2890

docs/userguide.rst

@@ -16,7 +16,7 @@ Access TrackMe main interface
 **If the UI is empty and no data sources are showing up:**
 
 - You can wait for the short term trackers execution which are scheduled to run every 5 minutes
-- Or manually run the data sources tracker by clicking on the button "Manage: run short term tracker now" (we will come back to the tracker concept later in this guide)
+- Or manually run the data sources tracker by clicking on the button "Run: short term tracker now" (we will come back to the tracker concept later in this guide)
 
 Main concept and main tabs
 --------------------------
@@ -64,7 +64,7 @@ The modal window "open-up" is the user main interaction with TrackMe, depending
    :align: center
 
 - ``data_index`` is the name of the Splunk index where the data resides
-- ``data_sourcetype`` is the Splunk sourcetype that identities the data for this entity
+- ``data_sourcetype`` is the Splunk sourcetype for this entity
 - ``lag event / lag ingestion: ([D+]HH:MM:SS)`` exposes the two main lagging metrics handled by TrackMe, the lag from the event point of view, and the lag from the ingestion point of view, we will come back to that very soon
 - ``data_last_time_seen`` is the last date time TrackMe has detected data available for this data source, from the event time stamp point of view
 
@@ -284,6 +284,13 @@ Status message
    :alt: img/first_steps/img020_blue
    :align: center
 
+*example of an orange state due to data indexed in the future:*
+
+.. image:: img/first_steps/img020_orange.png
+   :alt: img/first_steps/img020_orange
+   :align: center
+
+
 Audit changes
 ^^^^^^^^^^^^^
 

trackme/app.manifest

@@ -5,7 +5,7 @@
     "id": {
       "group": null,
       "name": "trackme",
-      "version": "1.2.19"
+      "version": "1.2.20"
     },
     "author": [
       {

trackme/bin/getlistdef.py

@@ -78,7 +78,7 @@ def stream(self, records):
         for record in records:
 
             for fieldname in self.fieldnames:
-                matches = pattern.findall(six.text_type(record[fieldname].decode("utf-8")))
+                matches = pattern.findall(six.text_type(record[fieldname]))
                 count += len(matches)
             record[self.fieldname] = count
 

trackme/default/app.conf

@@ -16,4 +16,4 @@ label = TrackMe
 [launcher]
 author = Guilhem Marchand
 description = Data tracking system for Splunk
-version = 1.2.19
+version = 1.2.20