http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-contrib/metron-docker/pom.xml
----------------------------------------------------------------------
diff --git a/metron-contrib/metron-docker/pom.xml b/metron-contrib/metron-docker/pom.xml
new file mode 100644
index 0000000..650c417
--- /dev/null
+++ b/metron-contrib/metron-docker/pom.xml
@@ -0,0 +1,312 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software
+ Foundation (ASF) under one or more contributor license agreements. See the
+ NOTICE file distributed with this work for additional information regarding
+ copyright ownership. The ASF licenses this file to You under the Apache License,
+ Version 2.0 (the "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software distributed
+ under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
+ OR CONDITIONS OF ANY KIND, either express or implied. See the License for
+ the specific language governing permissions and limitations under the License.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>metron-docker</artifactId>
+ <packaging>pom</packaging>
+ <name>metron-docker</name>
+ <parent>
+ <groupId>org.apache.metron</groupId>
+ <artifactId>metron-contrib</artifactId>
+ <version>0.4.1</version>
+ </parent>
+ <description>Metron Docker</description>
+ <url>https://metron.apache.org/</url>
+ <properties>
+ <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+ <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
+ </properties>
+ <build>
+ <plugins>
+ <plugin>
+ <artifactId>maven-resources-plugin</artifactId>
+ <version>3.0.1</version>
+ <executions>
+ <execution>
+ <id>copy-common-to-kafkazk</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/kafkazk/packages</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-common/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-parsers-to-kafkazk</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/kafkazk/packages</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-parsers/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-enrichment-to-kafkazk</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/kafkazk/packages</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-enrichment/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-indexing-to-kafkazk</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/kafkazk/packages</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-indexing/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-templates-to-elasticsearch</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/elasticsearch/es_templates</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-deployment/roles/metron_elasticsearch_templates/files/es_templates/</directory>
+ <includes>
+ <include>*.template</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-data-management-to-hbase</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/hbase/data-management</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-data-management/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-parsers-to-storm</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/storm/parser</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-parsers/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-enrichment-to-storm</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/storm/enrichment</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-enrichment/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-indexing-to-storm</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/storm/indexing</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-indexing/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-elasticsearch-to-storm</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/storm/elasticsearch</outputDirectory>
+ <resources>
+ <resource>
+ <directory>${project.parent.parent.basedir}/metron-platform/metron-elasticsearch/target/</directory>
+ <includes>
+ <include>*.tar.gz</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>filter-docker-env</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose</outputDirectory>
+ <resources>
+ <resource>
+ <directory>./conf</directory>
+ <filtering>true</filtering>
+ <includes>
+ <include>.env</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-wait-for-it-to-hbase</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/hbase/bin</outputDirectory>
+ <resources>
+ <resource>
+ <directory>./scripts</directory>
+ <includes>
+ <include>wait-for-it.sh</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-wait-for-it-to-kafkazk</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/kafkazk/bin</outputDirectory>
+ <resources>
+ <resource>
+ <directory>./scripts</directory>
+ <includes>
+ <include>wait-for-it.sh</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ <execution>
+ <id>copy-wait-for-it-to-elasticsearch</id>
+ <phase>prepare-package</phase>
+ <goals>
+ <goal>copy-resources</goal>
+ </goals>
+ <configuration>
+ <outputDirectory>${project.basedir}/compose/elasticsearch</outputDirectory>
+ <resources>
+ <resource>
+ <directory>./scripts</directory>
+ <includes>
+ <include>wait-for-it.sh</include>
+ </includes>
+ </resource>
+ </resources>
+ </configuration>
+ </execution>
+ </executions>
+ </plugin>
+ <plugin>
+ <artifactId>maven-clean-plugin</artifactId>
+ <version>3.0.0</version>
+ <configuration>
+ <filesets>
+ <fileset>
+ <directory>compose</directory>
+ <includes>
+ <include>**/*.tar.gz</include>
+ <include>**/wait-for-it.sh</include>
+ <include>.env</include>
+ <include>**/*.template</include>
+ </includes>
+ </fileset>
+ </filesets>
+ </configuration>
+ </plugin>
+ </plugins>
+ </build>
+</project>
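Review bot: The `copy-*` executions that pull `<include>*.tar.gz</include>` from sibling modules' `target/` directories have nothing in this POM that ties the copied archive to the current build: the file declares no dependency on those modules, and the wildcard matches any tarball present. A stale archive left by an earlier build would be copied into the Docker build context, and a missing `target/` directory is skipped without failing the build. Consider narrowing the pattern to the current version, for example `<include>*-${project.version}-*.tar.gz</include>` if the archives are named that way (the naming is not visible in this hunk), and adding a comment above `<executions>` stating that the platform modules must be built first. The `filter-docker-env` execution sets `<filtering>true</filtering>` on `.env`, so every `${...}` token in that file is replaced with a build property at copy time; a comment listing the properties that are expected there would let a reviewer confirm nothing else is interpolated into the container environment.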
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-contrib/metron-docker/scripts/create-docker-machine.sh
----------------------------------------------------------------------
diff --git a/metron-contrib/metron-docker/scripts/create-docker-machine.sh b/metron-contrib/metron-docker/scripts/create-docker-machine.sh
new file mode 100755
index 0000000..241f4ae
--- /dev/null
+++ b/metron-contrib/metron-docker/scripts/create-docker-machine.sh
@@ -0,0 +1,18 @@
+#!/bin/bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+docker-machine create --driver virtualbox --virtualbox-disk-size "30000" --virtualbox-memory "4096" --virtualbox-cpu-count "2" metron-machine
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-contrib/metron-docker/scripts/wait-for-it.sh
----------------------------------------------------------------------
diff --git a/metron-contrib/metron-docker/scripts/wait-for-it.sh b/metron-contrib/metron-docker/scripts/wait-for-it.sh
new file mode 100755
index 0000000..eca6c3b
--- /dev/null
+++ b/metron-contrib/metron-docker/scripts/wait-for-it.sh
@@ -0,0 +1,161 @@
+#!/usr/bin/env bash
+# Use this script to test if a given TCP host/port are available
+
+cmdname=$(basename $0)
+
+echoerr() { if [[ $QUIET -ne 1 ]]; then echo "$@" 1>&2; fi }
+
+usage()
+{
+ cat << USAGE >&2
+Usage:
+ $cmdname host:port [-s] [-t timeout] [-- command args]
+ -h HOST | --host=HOST Host or IP under test
+ -p PORT | --port=PORT TCP port under test
+ Alternatively, you specify the host and port as host:port
+ -s | --strict Only execute subcommand if the test succeeds
+ -q | --quiet Don't output any status messages
+ -t TIMEOUT | --timeout=TIMEOUT
+ Timeout in seconds, zero for no timeout
+ -- COMMAND ARGS Execute command with args after the test finishes
+USAGE
+ exit 1
+}
+
+wait_for()
+{
+ if [[ $TIMEOUT -gt 0 ]]; then
+ echoerr "$cmdname: waiting $TIMEOUT seconds for $HOST:$PORT"
+ else
+ echoerr "$cmdname: waiting for $HOST:$PORT without a timeout"
+ fi
+ start_ts=$(date +%s)
+ while :
+ do
+ (echo > /dev/tcp/$HOST/$PORT) >/dev/null 2>&1
+ result=$?
+ if [[ $result -eq 0 ]]; then
+ end_ts=$(date +%s)
+ echoerr "$cmdname: $HOST:$PORT is available after $((end_ts - start_ts)) seconds"
+ break
+ fi
+ sleep 1
+ done
+ return $result
+}
+
+wait_for_wrapper()
+{
+ # In order to support SIGINT during timeout: http://unix.stackexchange.com/a/57692
+ if [[ $QUIET -eq 1 ]]; then
+ timeout $TIMEOUT $0 --quiet --child --host=$HOST --port=$PORT --timeout=$TIMEOUT &
+ else
+ timeout $TIMEOUT $0 --child --host=$HOST --port=$PORT --timeout=$TIMEOUT &
+ fi
+ PID=$!
+ trap "kill -INT -$PID" INT
+ wait $PID
+ RESULT=$?
+ if [[ $RESULT -ne 0 ]]; then
+ echoerr "$cmdname: timeout occurred after waiting $TIMEOUT seconds for $HOST:$PORT"
+ fi
+ return $RESULT
+}
+
+# process arguments
+while [[ $# -gt 0 ]]
+do
+ case "$1" in
+ *:* )
+ hostport=(${1//:/ })
+ HOST=${hostport[0]}
+ PORT=${hostport[1]}
+ shift 1
+ ;;
+ --child)
+ CHILD=1
+ shift 1
+ ;;
+ -q | --quiet)
+ QUIET=1
+ shift 1
+ ;;
+ -s | --strict)
+ STRICT=1
+ shift 1
+ ;;
+ -h)
+ HOST="$2"
+ if [[ $HOST == "" ]]; then break; fi
+ shift 2
+ ;;
+ --host=*)
+ HOST="${1#*=}"
+ shift 1
+ ;;
+ -p)
+ PORT="$2"
+ if [[ $PORT == "" ]]; then break; fi
+ shift 2
+ ;;
+ --port=*)
+ PORT="${1#*=}"
+ shift 1
+ ;;
+ -t)
+ TIMEOUT="$2"
+ if [[ $TIMEOUT == "" ]]; then break; fi
+ shift 2
+ ;;
+ --timeout=*)
+ TIMEOUT="${1#*=}"
+ shift 1
+ ;;
+ --)
+ shift
+ CLI="$@"
+ break
+ ;;
+ --help)
+ usage
+ ;;
+ *)
+ echoerr "Unknown argument: $1"
+ usage
+ ;;
+ esac
+done
+
+if [[ "$HOST" == "" || "$PORT" == "" ]]; then
+ echoerr "Error: you need to provide a host and port to test."
+ usage
+fi
+
+TIMEOUT=${TIMEOUT:-15}
+STRICT=${STRICT:-0}
+CHILD=${CHILD:-0}
+QUIET=${QUIET:-0}
+
+if [[ $CHILD -gt 0 ]]; then
+ wait_for
+ RESULT=$?
+ exit $RESULT
+else
+ if [[ $TIMEOUT -gt 0 ]]; then
+ wait_for_wrapper
+ RESULT=$?
+ else
+ wait_for
+ RESULT=$?
+ fi
+fi
+
+if [[ $CLI != "" ]]; then
+ if [[ $RESULT -ne 0 && $STRICT -eq 1 ]]; then
+ echoerr "$cmdname: strict mode, refusing to execute subprocess"
+ exit $RESULT
+ fi
+ exec $CLI
+else
+ exit $RESULT
+fi
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-contrib/pom.xml
----------------------------------------------------------------------
diff --git a/metron-contrib/pom.xml b/metron-contrib/pom.xml
new file mode 100644
index 0000000..324c793
--- /dev/null
+++ b/metron-contrib/pom.xml
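Review bot: In wait-for-it.sh the trailing command is flattened into one string by `CLI="$@"` and then re-split by the unquoted `exec $CLI`, so an argument that contains spaces or glob characters reaches the command altered. Keeping it as an array preserves the caller's argument boundaries: `CLI=("$@")`, `if [[ ${#CLI[@]} -gt 0 ]]; then`, `exec "${CLI[@]}"`. The same unquoted expansion applies to `$HOST`, `$PORT` and `$TIMEOUT` in `wait_for` and `wait_for_wrapper` (`/dev/tcp/$HOST/$PORT`, `timeout $TIMEOUT $0 ... --host=$HOST`); quoting them and rejecting a non-numeric port or timeout during argument parsing would keep malformed values out of the `[[ ... -gt 0 ]]` arithmetic tests. The file also carries no license header, unlike create-docker-machine.sh added in the same commit.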
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ Licensed to the Apache Software
+ Foundation (ASF) under one or more contributor license agreements. See the
+ NOTICE file distributed with this work for additional information regarding
+ copyright ownership. The ASF licenses this file to You under the Apache License,
+ Version 2.0 (the "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ Unless required by applicable law or agreed to in writing, software distributed
+ under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
+ OR CONDITIONS OF ANY KIND, either express or implied. See the License for
+ the specific language governing permissions and limitations under the License.
+ -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+ <modelVersion>4.0.0</modelVersion>
+ <artifactId>metron-contrib</artifactId>
+ <packaging>pom</packaging>
+ <name>metron-contrib</name>
+ <parent>
+ <groupId>org.apache.metron</groupId>
+ <artifactId>Metron</artifactId>
+ <version>0.4.1</version>
+ </parent>
+ <description>Contributed Tooling for Metron</description>
+ <url>https://metron.apache.org/</url>
+ <scm>
+ <connection>scm:git:https://git-wip-us.apache.org/repos/asf/metron.git</connection>
+ <developerConnection>scm:git:https://git-wip-us.apache.org/repos/asf/metron.git</developerConnection>
+ <tag>HEAD</tag>
+ <url>https://git-wip-us.apache.org/repos/asf/metron</url>
+ </scm>
+ <licenses>
+ <license>
+ <name>The Apache Software License, Version 2.0</name>
+ <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
+ <distribution>repo</distribution>
+ </license>
+ </licenses>
+ <modules>
+ <module>metron-docker</module>
+ </modules>
+</project>
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/.gitignore
----------------------------------------------------------------------
diff --git a/metron-docker/.gitignore b/metron-docker/.gitignore
deleted file mode 100644
index 05cbde5..0000000
--- a/metron-docker/.gitignore
+++ /dev/null
@@ -1,13 +0,0 @@
-/compose/.env
-/compose/elasticsearch/es_templates
-/compose/kafkazk/packages/
-/compose/hbase/data-management
-/compose/storm/elasticsearch
-/compose/storm/enrichment
-/compose/storm/parser
-/compose/storm/indexing
-/compose/kafkazk/data/*
-!/compose/kafkazk/data/BroExampleOutput.txt
-!/compose/kafkazk/data/SquidExampleOutput.txt
-wait-for-it.sh
-!/scripts/wait-for-it.sh
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/README.md
----------------------------------------------------------------------
diff --git a/metron-docker/README.md b/metron-docker/README.md
deleted file mode 100644
index 32892f8..0000000
--- a/metron-docker/README.md
+++ /dev/null
@@ -1,252 +0,0 @@ -# Metron Docker - -Metron Docker is a [Docker Compose](https://docs.docker.com/compose/overview/) application that is intended for development and integration testing of Metron. Use this instead of Vagrant when: - - - You want an environment that can be built and spun up quickly - - You need to frequently rebuild and restart services - - You only need to test, troubleshoot or develop against a subset of services - -Metron Docker includes these images that have been customized for Metron: - - - Kafka (with Zookeeper) - - HBase - - Storm (with all topologies deployed) - - Elasticsearch - - Kibana - - HDFS - -Setup ------ - -Install [Docker for Mac](https://docs.docker.com/docker-for-mac/) or [Docker for Windows](https://docs.docker.com/docker-for-windows/). The following versions have been tested: - - - Docker version 1.12.0 - - docker-machine version 0.8.0 - - docker-compose version 1.8.0 - -Build Metron from the top level directory with: -``` -$ cd $METRON_HOME -$ mvn clean install -DskipTests -``` - -You are welcome to use an existing Docker host but we prefer one with more resources. You can create one of those with this script: -``` -$ export METRON_DOCKER_HOME=$METRON_HOME/metron-docker -$ cd $METRON_DOCKER_HOME && ./scripts/create-docker-machine.sh -``` - -This will create a host called "metron-machine". Anytime you want to run Docker commands against this host, make sure you run this first to set the Docker environment variables: -``` -$ eval "$(docker-machine env metron-machine)" -``` - -If you wish to use a local docker-engine install, please set an environment variable BROKER_IP_ADDR to the IP address of your host machine. This cannot be the loopback address. - -Usage ------ - -Navigate to the compose application root: -``` -$ cd $METRON_DOCKER_HOME/compose/ -``` - -The Metron Docker environment lifecycle is controlled by the [docker-compose](https://docs.docker.com/compose/reference/overview/) command. 
The service names can be found in the docker-compose.yml file. For example, to build and start the environment run this command: -``` -$ eval "$(docker-machine env metron-machine)" -$ docker-compose up -d -``` - -After all services have started list the containers and ensure their status is 'Up': -``` -$ docker ps --format 'table {{.Names}}\t{{.Status}}' -NAMES STATUS -metron_storm_1 Up 5 minutes -metron_hbase_1 Up 5 minutes -metron_kibana_1 Up 5 minutes -metron_kafkazk_1 Up 5 minutes -metron_elasticsearch_1 Up 5 minutes -``` - -Various services are exposed through http on the Docker host. Get the host ip from the URL property: -``` -$ docker-machine ls -NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS -metron-machine * virtualbox Running tcp://192.168.99.100:2376 v1.12.5 -``` - -Then, assuming a host ip of `192.168.99.100`, the UIs and APIs are available at: - -* Storm - http://192.168.99.100:8080/ -* HBase - http://192.168.99.100:16010/ -* Elasticsearch - http://192.168.99.100:9200/_plugin/head/ -* Kibana - http://192.168.99.100:5601/ -* HDFS (Namenode) - http://192.168.99.100:50070/ - -The Storm logs can be useful when troubleshooting topologies. They can be found on the Storm container in `/usr/share/apache-storm/logs`. 
- -When done using the machine, shut it down with: -``` -$ docker-compose down -``` - -Examples ------ -* [Deploy a new parser class](#deploy-a-new-parser-class) -* [Connect to a container](#connect-to-a-container) -* [Create a sensor from sample data](create-a-sensor-from-sample-data) -* [Upload configs to Zookeeper](upload-configs-to-zookeeper) -* [Manage a topology](manage-a-topology) -* [Run sensor data end to end](run-sensor-data-end-to-end) - - -### Deploy a new parser class - -After adding a new parser to metron-parsers, build Metron from the top level directory: -``` -$ cd $METRON_HOME -$ mvn clean install -DskipTests -``` - -Then run these commands to redeploy the parsers to the Storm image: -``` -$ cd $METRON_DOCKER_HOME/compose -$ docker-compose down -$ docker-compose build storm -$ docker-compose up -d -``` - -### Connect to a container - -Suppose there is a problem with Kafka and the logs are needed for further investigation. Run this command to connect and explore the running Kafka container: -``` -$ cd $METRON_DOCKER_HOME/compose -$ docker-compose exec kafkazk bash -``` - -### Create a sensor from sample data - -A tool for producing test data in Kafka is included with the Kafka/Zookeeper image. It loops through lines in a test data file and outputs them to Kafka at the desired frequency. Create a test data file in `./kafkazk/data/` and rebuild the Kafka/Zookeeper image: -``` -$ cd $METRON_DOCKER_HOME/compose -$ printf 'first test data\nsecond test data\nthird test data\n' > ./kafkazk/data/TestData.txt -$ docker-compose down -$ docker-compose build kafkazk -$ docker-compose up -d -``` - -This will deploy the test data file to the Kafka/Zookeeper container. 
Now that data can be streamed to a Kafka topic: -``` -$ docker-compose exec kafkazk ./bin/produce-data.sh -Usage: produce-data.sh data_path topic [message_delay_in_seconds] - -# Stream data in TestData.txt to the 'test' Kafka topic at a frequency of 5 seconds (default is 1 second) -$ docker-compose exec kafkazk ./bin/produce-data.sh /data/TestData.txt test 5 -``` - -The Kafka/Zookeeper image comes with sample Bro and Squid data: -``` -# Stream Bro test data every 1 second -$ docker-compose exec kafkazk ./bin/produce-data.sh /data/BroExampleOutput.txt bro - -# Stream Squid test data every 0.1 seconds -$ docker-compose exec kafkazk ./bin/produce-data.sh /data/SquidExampleOutput.txt squid 0.1 -``` - -### Upload configs to Zookeeper - -Parser configs and a global config configured for this Docker environment are included with the Kafka/Zookeeper image. Load them with: -``` -$ docker-compose exec kafkazk bash -# $METRON_HOME/bin/zk_load_configs.sh -z localhost:2181 -m PUSH -i $METRON_HOME/config/zookeeper -# exit -``` - -Dump out the configs with: -``` -$ docker-compose exec kafkazk bash -# $METRON_HOME/bin/zk_load_configs.sh -z localhost:2181 -m DUMP -# exit -``` - -### Manage a topology - -The Storm image comes with a script to easily start parser topologies: -``` -docker-compose exec storm ./bin/start_docker_parser_topology.sh sensor_name -``` - -The enrichment topology can be started with: -``` -docker-compose exec storm ./bin/start_enrichment_topology.sh -``` - -The indexing topology can be started with: -``` -docker-compose exec storm ./bin/start_elasticsearch_topology.sh -``` - -Topologies can be stopped using the Storm CLI. For example, stop the enrichment topology with: -``` -docker-compose exec storm storm kill enrichments -w 0 -``` - -### Run sensor data end to end - -First ensure configs were uploaded as described in the previous example. 
Then start a sensor and leave it running: -``` -$ cd $METRON_DOCKER_HOME/compose -$ docker-compose exec kafkazk ./bin/produce-data.sh /data/BroExampleOutput.txt bro -``` - -Open a separate console session and verify the sensor is running by consuming a message from Kafka: -``` -$ export METRON_DOCKER_HOME=$METRON_HOME/metron-docker -$ cd $METRON_DOCKER_HOME/compose -$ docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic bro -``` - -A new message should be printed every second. Now kill the consumer and start the Bro parser topology: -``` -$ docker-compose exec storm ./bin/start_docker_parser_topology.sh bro -``` - -Bro data should be flowing through the bro parser topology and into the Kafka enrichments topic. The enrichments topic should be created automatically: -``` -$ docker-compose exec kafkazk ./bin/kafka-topics.sh --zookeeper localhost:2181 --list -bro -enrichments -indexing -``` - -Verify parsed Bro data is in the Kafka enrichments topic: -``` -docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic enrichments -``` - -Now start the enrichment topology: -``` -docker-compose exec storm ./bin/start_enrichment_topology.sh -``` - -Parsed Bro data should be flowing through the enrichment topology and into the Kafka indexing topic. 
Verify enriched Bro data is in the Kafka indexing topic: -``` -docker-compose exec kafkazk ./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic indexing -``` - -Now start the indexing topology: -``` -docker-compose exec storm ./bin/start_elasticsearch_topology.sh -``` - -Enriched Bro data should now be present in the Elasticsearch container: -``` -$ docker-machine ls -NAME ACTIVE DRIVER STATE URL SWARM DOCKER ERRORS -metron-machine * virtualbox Running tcp://192.168.99.100:2376 v1.12.5 - -$ curl -XGET http://192.168.99.100:9200/_cat/indices?v -health status index pri rep docs.count docs.deleted store.size pri.store.size -yellow open .kibana 1 1 1 0 3.1kb 3.1kb -yellow open bro_index_2016.12.19.18 5 1 180 0 475kb 475kb -``` \ No newline at end of file http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/docker-compose.yml ---------------------------------------------------------------------- diff --git a/metron-docker/compose/docker-compose.yml b/metron-docker/compose/docker-compose.yml deleted file mode 100644 index efc4227..0000000 --- a/metron-docker/compose/docker-compose.yml +++ /dev/null 
@@ -1,81 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -version: '2' -services: - kafkazk: - build: - context: ./kafkazk - args: - DOCKER_HOST: $DOCKER_HOST - BROKER_IP_ADDR: $BROKER_IP_ADDR - METRON_VERSION: $METRON_VERSION - ports: - - "9092:9092" - - "2181:2181" - hbase: - build: - context: ./hbase - args: - METRON_VERSION: $METRON_VERSION - ports: - - "16010:16010" - volumes: - - "/opt/hbase-1.1.6/conf" - depends_on: - - kafkazk - hadoop: - build: - context: ./hadoop - ports: - - "50070:50070" - volumes: - - "/opt/hadoop-2.7.3/etc/hadoop" - command: tail -f /dev/null - storm: - build: - context: ./storm - args: - METRON_VERSION: $METRON_VERSION - ports: - - "8000:8000" - - "8080:8080" - - "8081:8081" - environment: - ZOOKEEPER_ADDR: kafkazk - CONFIG_TOPOLOGY_CLASSPATH: "/opt/hbase-1.1.6/conf:/opt/hadoop-2.7.3/etc/hadoop" - volumes_from: - - hbase - - hadoop - depends_on: - - kafkazk - - hbase - - elasticsearch - - hadoop - command: --daemon nimbus supervisor ui logviewer - elasticsearch: - build: - context: ./elasticsearch - ports: - - "9200:9200" - - "9300:9300" - command: tail -f /dev/null - kibana: - build: ./kibana - ports: - - "5601:5601" - depends_on: - - elasticsearch 
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/elasticsearch/Dockerfile ---------------------------------------------------------------------- diff --git a/metron-docker/compose/elasticsearch/Dockerfile b/metron-docker/compose/elasticsearch/Dockerfile deleted file mode 100644 index 790d9eb..0000000 --- a/metron-docker/compose/elasticsearch/Dockerfile +++ /dev/null @@ -1,27 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -FROM elasticsearch:2.3 - -RUN /usr/share/elasticsearch/bin/plugin install mobz/elasticsearch-head - -ADD ./es_templates /es_templates - -COPY ./wait-for-it.sh / -RUN chmod 755 /wait-for-it.sh - -COPY ./docker-entrypoint.sh / -ENTRYPOINT ["/docker-entrypoint.sh"] http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/elasticsearch/docker-entrypoint.sh ---------------------------------------------------------------------- diff --git a/metron-docker/compose/elasticsearch/docker-entrypoint.sh b/metron-docker/compose/elasticsearch/docker-entrypoint.sh deleted file mode 100755 index 00209dc..0000000 --- a/metron-docker/compose/elasticsearch/docker-entrypoint.sh +++ /dev/null 
@@ -1,37 +0,0 @@ -#!/bin/bash -# -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -# exit immediately on error -set -e - -# start elasticsearch as non-root user -chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/data -chown -R elasticsearch:elasticsearch /usr/share/elasticsearch/logs -gosu elasticsearch /usr/share/elasticsearch/bin/elasticsearch -d - -# wait for elasticsearch to start -/wait-for-it.sh localhost:9200 -t 30 - -# load elasticsearch templates -for template_file in `ls -1 /es_templates`; do - template_name=`echo $template_file | sed 's/\.template//g'` - curl -XPUT --data @/es_templates/$template_file http://localhost:9200/_template/$template_name -done - -# pass through CMD as PID 1 -exec "$@" http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hadoop/Dockerfile ---------------------------------------------------------------------- diff --git a/metron-docker/compose/hadoop/Dockerfile b/metron-docker/compose/hadoop/Dockerfile deleted file mode 100644 index caddbd9..0000000 --- a/metron-docker/compose/hadoop/Dockerfile +++ /dev/null 
@@ -1,34 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-FROM openjdk:7
-
-ENV HADOOP_PREFIX=/opt/hadoop-2.7.3
-ENV HADOOP_CONF_DIR=$HADOOP_PREFIX/etc/hadoop
-ENV HADOOP_IDENT_STRING=root
-
-RUN curl -sL http://archive.apache.org/dist/hadoop/core/hadoop-2.7.3/hadoop-2.7.3.tar.gz | tar -xzC /opt
-
-COPY ./conf/* $HADOOP_CONF_DIR/
-RUN mkdir -p /hadoop/dfs/name \
- && mkdir -p /hadoop/dfs/data \
- && $HADOOP_PREFIX/bin/hdfs namenode -format
-
-WORKDIR $HADOOP_PREFIX
-EXPOSE 9000 50010 50020 50070 50075
-
-COPY ./docker-entrypoint.sh /
-ENTRYPOINT ["/docker-entrypoint.sh"]
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hadoop/conf/core-site.xml
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hadoop/conf/core-site.xml b/metron-docker/compose/hadoop/conf/core-site.xml
deleted file mode 100644
index f7a9465..0000000
--- a/metron-docker/compose/hadoop/conf/core-site.xml
+++ /dev/null
@@ -1,24 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-
-<!-- Put site-specific property overrides in this file. -->
-
-<configuration>
- <property>
- <name>fs.defaultFS</name>
- <value>hdfs://hadoop:9000</value>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hadoop/conf/hdfs-site.xml
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hadoop/conf/hdfs-site.xml b/metron-docker/compose/hadoop/conf/hdfs-site.xml
deleted file mode 100644
index c75a464..0000000
--- a/metron-docker/compose/hadoop/conf/hdfs-site.xml
+++ /dev/null
@@ -1,32 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<?xml-stylesheet type="text/xsl" href="configuration.xsl"?>
-<!--
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License. See accompanying LICENSE file.
--->
-
-<!-- Put site-specific property overrides in this file. -->
-
-<configuration>
- <property>
- <name>dfs.replication</name>
- <value>1</value>
- </property>
- <property>
- <name>dfs.namenode.name.dir</name>
- <value>/hadoop/dfs/name</value>
- </property>
- <property>
- <name>dfs.datanode.data.dir</name>
- <value>/hadoop/dfs/data</value>
- </property>
-</configuration>
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hadoop/docker-entrypoint.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hadoop/docker-entrypoint.sh b/metron-docker/compose/hadoop/docker-entrypoint.sh
deleted file mode 100755
index 97b9809..0000000
--- a/metron-docker/compose/hadoop/docker-entrypoint.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-# exit immediately on error
-set -e
-
-# start namenode
-$HADOOP_PREFIX/sbin/hadoop-daemon.sh --config $HADOOP_PREFIX/etc/hadoop --script hdfs start namenode
-
-# start datanode
-$HADOOP_PREFIX/sbin/hadoop-daemon.sh --config $HADOOP_PREFIX/etc/hadoop --script hdfs start datanode
-
-# create metron base directory
-$HADOOP_PREFIX/bin/hdfs dfs -mkdir -p /apps/metron
-
-# create directory for geo database
-$HADOOP_PREFIX/bin/hdfs dfs -mkdir -p /apps/metron/geo/default
-
-# download geo database to hdfs
-curl http://geolite.maxmind.com/download/geoip/database/GeoLite2-City.mmdb.gz | $HADOOP_PREFIX/bin/hdfs dfs -put - /apps/metron/geo/default/GeoLite2-City.mmdb.gz
-
-# pass through CMD as PID 1
-exec "$@"
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/Dockerfile
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/Dockerfile b/metron-docker/compose/hbase/Dockerfile
deleted file mode 100644
index dd85790..0000000
--- a/metron-docker/compose/hbase/Dockerfile
+++ /dev/null
@@ -1,43 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-FROM centos
-
-ARG METRON_VERSION
-
-ENV METRON_VERSION $METRON_VERSION
-ENV JAVA_HOME /usr
-ENV HBASE_HOME /opt/hbase-1.1.6
-ENV HBASE_MANAGES_ZK false
-ENV METRON_HOME /usr/metron/$METRON_VERSION/
-
-ADD ./data /data
-ADD ./data-management /data-management
-RUN mkdir -p $METRON_HOME
-RUN tar -xzf /data-management/metron-data-management-$METRON_VERSION-archive.tar.gz -C /usr/metron/$METRON_VERSION/
-ADD http://archive.apache.org/dist/hbase/1.1.6/hbase-1.1.6-bin.tar.gz /opt/hbase-1.1.6-bin.tar.gz
-RUN tar -xzf /opt/hbase-1.1.6-bin.tar.gz -C /opt
-RUN yum install -y java-1.8.0-openjdk lsof
-ADD ./conf/enrichment-extractor.json /conf/enrichment-extractor.json
-ADD ./conf/threatintel-extractor.json /conf/threatintel-extractor.json
-ADD ./conf/hbase-site.docker.xml $HBASE_HOME/conf/hbase-site.xml
-ADD ./bin $HBASE_HOME/bin
-RUN chmod 755 $HBASE_HOME/bin/wait-for-it.sh
-
-EXPOSE 8080 8085 9090 9095 16000 16010 16201 16301
-
-WORKDIR /opt/hbase-1.1.6
-CMD ./bin/start.sh
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/bin/init-commands.txt
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/bin/init-commands.txt b/metron-docker/compose/hbase/bin/init-commands.txt
deleted file mode 100755
index 9bdf61f..0000000
--- a/metron-docker/compose/hbase/bin/init-commands.txt
+++ /dev/null
@@ -1,22 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-create 'access_tracker', 'cf'
-create 'ip', 'cf'
-create 'enrichment', 'cf'
-create 'threatintel', 'cf'
-exit
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/bin/init-hbase.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/bin/init-hbase.sh b/metron-docker/compose/hbase/bin/init-hbase.sh
deleted file mode 100755
index 8b2d1d3..0000000
--- a/metron-docker/compose/hbase/bin/init-hbase.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/hbase shell ./bin/init-commands.txt
-/usr/metron/$METRON_VERSION/bin/flatfile_loader.sh -e /conf/enrichment-extractor.json -t enrichment -c cf -i /data/enrichments.csv
-/usr/metron/$METRON_VERSION/bin/flatfile_loader.sh -e /conf/threatintel-extractor.json -t threatintel -c cf -i /data/threatintel.csv
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/bin/start.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/bin/start.sh b/metron-docker/compose/hbase/bin/start.sh
deleted file mode 100755
index 20d01d2..0000000
--- a/metron-docker/compose/hbase/bin/start.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/start-hbase.sh
-./bin/wait-for-it.sh localhost:16010
-./bin/init-hbase.sh
-tail -f /dev/null
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/conf/enrichment-extractor.json
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/conf/enrichment-extractor.json b/metron-docker/compose/hbase/conf/enrichment-extractor.json
deleted file mode 100644
index 322dbfd..0000000
--- a/metron-docker/compose/hbase/conf/enrichment-extractor.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "config" : {
- "columns" : {
- "ip" : 0
- ,"message" : 1
- }
- ,"indicator_column" : "ip"
- ,"type" : "sample"
- ,"separator" : ","
- }
-,"extractor" : "CSV"
-}
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/conf/hbase-site.docker.xml
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/conf/hbase-site.docker.xml b/metron-docker/compose/hbase/conf/hbase-site.docker.xml
deleted file mode 100644
index 16a9c65..0000000
--- a/metron-docker/compose/hbase/conf/hbase-site.docker.xml
+++ /dev/null
@@ -1,41 +0,0 @@
-<?xml version="1.0"?>
-<!--
- Licensed to the Apache Software
- Foundation (ASF) under one or more contributor license agreements. See the
- NOTICE file distributed with this work for additional information regarding
- copyright ownership. The ASF licenses this file to You under the Apache License,
- Version 2.0 (the "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software distributed
- under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES
- OR CONDITIONS OF ANY KIND, either express or implied. See the License for
- the specific language governing permissions and limitations under the License.
- -->
-<configuration>
- <property>
- <name>hbase.rootdir</name>
- <value>file:///home/root/hbase</value>
- </property>
- <property>
- <name>hbase.zookeeper.property.dataDir</name>
- <value>/home/root/zookeeper</value>
- </property>
-
- <property>
- <name>hbase.zookeeper.property.clientPort</name>
- <value>2181</value>
- <description>Property from ZooKeeper's config zoo.cfg.
- The port at which the clients will connect.
- </description>
- </property>
-
- <property>
- <name>hbase.zookeeper.quorum</name>
- <value>kafkazk</value>
- <description>Comma separated list of servers in the ZooKeeper Quorum.</description>
- </property>
-
-</configuration>
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/conf/threatintel-extractor.json
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/conf/threatintel-extractor.json b/metron-docker/compose/hbase/conf/threatintel-extractor.json
deleted file mode 100644
index 9e32d67..0000000
--- a/metron-docker/compose/hbase/conf/threatintel-extractor.json
+++ /dev/null
@@ -1,11 +0,0 @@
-{
- "config": {
- "columns": {
- "ip": 0
- },
- "indicator_column": "ip",
- "type" : "malicious_ip",
- "separator": ","
- },
- "extractor": "CSV"
-}
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/data/enrichments.csv
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/data/enrichments.csv b/metron-docker/compose/hbase/data/enrichments.csv
deleted file mode 100644
index 4db096d..0000000
--- a/metron-docker/compose/hbase/data/enrichments.csv
+++ /dev/null
@@ -1,3 +0,0 @@
-93.188.160.43,enrichment 1
-192.249.113.37,enrichment 2
-10.122.196.204,enrichment 3
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/hbase/data/threatintel.csv
----------------------------------------------------------------------
diff --git a/metron-docker/compose/hbase/data/threatintel.csv b/metron-docker/compose/hbase/data/threatintel.csv
deleted file mode 100644
index e68913c..0000000
--- a/metron-docker/compose/hbase/data/threatintel.csv
+++ /dev/null
@@ -1,3 +0,0 @@
-93.188.160.43
-192.249.113.37
-10.122.196.204
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/Dockerfile
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/Dockerfile b/metron-docker/compose/kafkazk/Dockerfile
deleted file mode 100644
index 77b6b7e..0000000
--- a/metron-docker/compose/kafkazk/Dockerfile
+++ /dev/null
@@ -1,45 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-FROM centos
-
-ARG DOCKER_HOST
-ARG BROKER_IP_ADDR
-ARG METRON_VERSION
-
-ENV METRON_VERSION $METRON_VERSION
-ENV METRON_HOME /usr/metron/$METRON_VERSION/
-ENV ZK_CLIENT_JARS /opt/kafka_2.11-0.10.0.0/libs
-
-ADD https://archive.apache.org/dist/kafka/0.10.0.0/kafka_2.11-0.10.0.0.tgz /opt/kafka_2.11-0.10.0.0.tgz
-RUN tar -xzf /opt/kafka_2.11-0.10.0.0.tgz -C /opt
-RUN echo -n 'advertised.listeners=PLAINTEXT://' >> /opt/kafka_2.11-0.10.0.0/config/server.properties
-RUN echo $DOCKER_HOST | sed "s/^$/"$BROKER_IP_ADDR":/g" | sed "s/tcp:\\/\\///g" | sed "s/:.*/:9092/g" >> /opt/kafka_2.11-0.10.0.0/config/server.properties
-RUN echo 'delete.topic.enable=true' >> /opt/kafka_2.11-0.10.0.0/config/server.properties
-RUN yum install -y java-1.8.0-openjdk lsof
-
-RUN mkdir -p $METRON_HOME
-ADD ./bin /opt/kafka_2.11-0.10.0.0/bin
-RUN chmod 755 /opt/kafka_2.11-0.10.0.0/bin/wait-for-it.sh
-COPY ./data /data/
-COPY ./packages/* /packages/
-RUN find /packages -type f -name '*.tar.gz' -exec tar -xzf {} -C /usr/metron/$METRON_VERSION/ \;
-ADD ./conf /$METRON_HOME/config/zookeeper
-
-EXPOSE 2181 9092
-
-WORKDIR /opt/kafka_2.11-0.10.0.0
-CMD ./bin/start.sh
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/create-topic.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/create-topic.sh b/metron-docker/compose/kafkazk/bin/create-topic.sh
deleted file mode 100755
index 7db950a..0000000
--- a/metron-docker/compose/kafkazk/bin/create-topic.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/kafka-topics.sh --create --zookeeper localhost:2181 --replication-factor 1 --partitions 1 --topic $1
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/init-kafka.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/init-kafka.sh b/metron-docker/compose/kafkazk/bin/init-kafka.sh
deleted file mode 100755
index 078c184..0000000
--- a/metron-docker/compose/kafkazk/bin/init-kafka.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/create-topic.sh enrichments
-./bin/create-topic.sh indexing
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/init-zk.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/init-zk.sh b/metron-docker/compose/kafkazk/bin/init-zk.sh
deleted file mode 100755
index 4974683..0000000
--- a/metron-docker/compose/kafkazk/bin/init-zk.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-echo "create /metron metron" | ./bin/zookeeper-shell.sh localhost:2181
-echo "create /metron/topology topology" | ./bin/zookeeper-shell.sh localhost:2181
-echo "create /metron/topology/parsers parsers" | ./bin/zookeeper-shell.sh localhost:2181
-echo "create /metron/topology/enrichments enrichments" | ./bin/zookeeper-shell.sh localhost:2181
-echo "create /metron/topology/indexing indexing" | ./bin/zookeeper-shell.sh localhost:2181
-$METRON_HOME/bin/zk_load_configs.sh -z localhost:2181 -m PUSH -i $METRON_HOME/config/zookeeper
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/output-data.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/output-data.sh b/metron-docker/compose/kafkazk/bin/output-data.sh
deleted file mode 100755
index 1ed3b37..0000000
--- a/metron-docker/compose/kafkazk/bin/output-data.sh
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-trap trapint 2
-function trapint {
- exit 0
-}
-if [ $# -ne 2 ]
- then
- echo "Usage: output-data.sh data_path [message_delay_in_seconds]"
- exit 0
-fi
-
-FILE_PATH=$1
-DELAY=$2
-while :
-do
-cat $FILE_PATH | while read line
-do
-echo "$line"
-sleep $DELAY
-done
-done
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/produce-data.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/produce-data.sh b/metron-docker/compose/kafkazk/bin/produce-data.sh
deleted file mode 100755
index e12b1bb..0000000
--- a/metron-docker/compose/kafkazk/bin/produce-data.sh
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-if [ $# -lt 2 ]
- then
- echo "Usage: produce-data.sh data_path topic [message_delay_in_seconds]"
- exit 0
-fi
-
-FILE_PATH=$1
-TOPIC=$2
-DELAY=${3:-1}
-echo "Emitting data in $FILE_PATH to Kafka topic $TOPIC every $DELAY second(s)"
-exec ./bin/output-data.sh $FILE_PATH $DELAY | ./bin/kafka-console-producer.sh --broker-list localhost:9092 --topic $TOPIC > /dev/null
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/run-consumer.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/run-consumer.sh b/metron-docker/compose/kafkazk/bin/run-consumer.sh
deleted file mode 100755
index af744d9..0000000
--- a/metron-docker/compose/kafkazk/bin/run-consumer.sh
+++ /dev/null
@@ -1,18 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/kafka-console-consumer.sh --zookeeper localhost:2181 --topic $1
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/bin/start.sh
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/bin/start.sh b/metron-docker/compose/kafkazk/bin/start.sh
deleted file mode 100755
index 757e0e6..0000000
--- a/metron-docker/compose/kafkazk/bin/start.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-./bin/zookeeper-server-start.sh config/zookeeper.properties &
-./bin/wait-for-it.sh localhost:2181
-./bin/init-zk.sh
-./bin/kafka-server-start.sh config/server.properties &
-./bin/wait-for-it.sh localhost:9092
-./bin/init-kafka.sh
-tail -f /dev/null
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/conf/global.json
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/conf/global.json b/metron-docker/compose/kafkazk/conf/global.json
deleted file mode 100644
index 4a1e302..0000000
--- a/metron-docker/compose/kafkazk/conf/global.json
+++ /dev/null
@@ -1,6 +0,0 @@
-{
- "es.clustername": "elasticsearch",
- "es.ip": "elasticsearch",
- "es.port": "9300",
- "es.date.format": "yyyy.MM.dd.HH"
-}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/data/BroExampleOutput.txt
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/data/BroExampleOutput.txt b/metron-docker/compose/kafkazk/data/BroExampleOutput.txt
deleted file mode 100644
index d6ab902..0000000
--- a/metron-docker/compose/kafkazk/data/BroExampleOutput.txt
+++ /dev/null
@@ -1,10 +0,0 @@
-{"http":{"ts":1402307733,"uid":"CTo78A11g7CYbbOHvj","id.orig_h":"192.249.113.37","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"dns":{"ts":1402308259,"uid":"CuJT272SKaJSuqO0Ia","id.orig_h":"10.122.196.204","id.orig_p":33976,"id.resp_h":"144.254.71.184","id.resp_p":53,"proto":"udp","trans_id":62418,"query":"www.cisco.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","rcode":0,"rcode_name":"NOERROR","AA":true,"TC":false,"RD":true,"RA":true,"Z":0,"answers":["www.cisco.com.akadns.net","origin-www.cisco.com","2001:420:1201:2::a"],"TTLs":[3600.0,289.0,14.0],"rejected":false}}
-{"http":{"ts":1402307733,"uid":"KIRAN","id.orig_h":"10.122.196.204","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"http":{"ts":1402307733,"uid":"KIRAN12312312","id.orig_h":"192.249.113.37","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"http":{"ts":1402307733,"uid":"KIRAN12312312","id.orig_h":"192.249.113.37","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"http":{"ts":1402307733,"uid":"CTo78A11g7CYbbOHvj","id.orig_h":"10.122.196.204","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"email":"[email protected]","method":"GET","host":"gabacentre.pw","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"dns":{"ts":1402308259,"uid":"CYbbOHvj","id.orig_h":"93.188.160.43","id.orig_p":33976,"id.resp_h":"144.254.71.184","id.resp_p":53,"proto":"udp","trans_id":62418,"query":"www.cisco.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","rcode":0,"rcode_name":"NOERROR","AA":true,"TC":false,"RD":true,"RA":true,"Z":0,"answers":["gabacentre.pw","www.cisco.com.akadns.net","origin-www.cisco.com","2001:420:1201:2::a"],"TTLs":[3600.0,289.0,14.0],"rejected":false}}
-{"http":{"ts":1402307733,"uid":"CTo78A11g7CYbbOHvj","id.orig_h":"192.249.113.37","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
-{"dns":{"ts":1402308259,"uid":"CuJT272SKaJSuqO0Ia","id.orig_h":"10.122.196.204","id.orig_p":33976,"id.resp_h":"144.254.71.184","id.resp_p":53,"proto":"udp","trans_id":62418,"query":"www.cisco.com","qclass":1,"qclass_name":"C_INTERNET","qtype":28,"qtype_name":"AAAA","rcode":0,"rcode_name":"NOERROR","AA":true,"TC":false,"RD":true,"RA":true,"Z":0,"answers":["www.cisco.com.akadns.net","origin-www.cisco.com","2001:420:1201:2::a"],"TTLs":[3600.0,289.0,14.0],"rejected":false}}
-{"http":{"ts":1402307733,"uid":"KIRAN","id.orig_h":"10.122.196.204","id.orig_p":58808,"id.resp_h":"72.163.4.161","id.resp_p":80,"trans_depth":1,"method":"GET","host":"www.cisco.com","uri":"/","user_agent":"curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3","request_body_len":0,"response_body_len":25523,"status_code":200,"status_msg":"OK","tags":[],"resp_fuids":["FJDyMC15lxUn5ngPfd"],"resp_mime_types":["text/html"]}}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kafkazk/data/SquidExampleOutput.txt
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kafkazk/data/SquidExampleOutput.txt b/metron-docker/compose/kafkazk/data/SquidExampleOutput.txt
deleted file mode 100644
index 358a24d..0000000
--- a/metron-docker/compose/kafkazk/data/SquidExampleOutput.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-1461576382.642 161 127.0.0.1 TCP_MISS/200 103701 GET http://www.cnn.com/ - DIRECT/199.27.79.73 text/html
-1461576442.228 159 127.0.0.1 TCP_MISS/200 137183 GET http://www.nba.com/ - DIRECT/66.210.41.9 text/html
-1467011157.401 415 127.0.0.1 TCP_MISS/200 337891 GET http://www.aliexpress.com/af/shoes.html? - DIRECT/207.109.73.154 text/html
-1467011158.083 671 127.0.0.1 TCP_MISS/200 41846 GET http://www.help.1and1.co.uk/domains-c40986/transfer-domains-c79878 - DIRECT/212.227.34.3 text/html
-1467011159.978 1893 127.0.0.1 TCP_MISS/200 153925 GET http://www.pravda.ru/science/ - DIRECT/185.103.135.90 text/html
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/metron/blob/ba9ddda6/metron-docker/compose/kibana/Dockerfile
----------------------------------------------------------------------
diff --git a/metron-docker/compose/kibana/Dockerfile b/metron-docker/compose/kibana/Dockerfile
deleted file mode 100644
index 3bd0640..0000000
--- a/metron-docker/compose/kibana/Dockerfile
+++ /dev/null
@@ -1,19 +0,0 @@
-#
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements. See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-FROM kibana:4.5.3
-
-ADD /images/metron.svg /opt/kibana/optimize/bundles/src/ui/public/images/kibana.svg
