This is an automated email from the ASF dual-hosted git repository.
rmerriman pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/metron.git
The following commit(s) were added to refs/heads/master by this push:
new 8d7ce16 METRON-2064 Metron REST API overwriting global.json values
(merrimanr) closes apache/metron#1376
8d7ce16 is described below
commit 8d7ce165050619abf3d8be600ba4c8655b6ad0ed
Author: merrimanr <[email protected]>
AuthorDate: Fri Apr 12 09:47:24 2019 -0500
METRON-2064 Metron REST API overwriting global.json values (merrimanr)
closes apache/metron#1376
---
metron-platform/metron-common/README.md | 59 +++++++++++++++++++--------------
metron-platform/metron-solr/README.md | 4 +--
2 files changed, 37 insertions(+), 26 deletions(-)
diff --git a/metron-platform/metron-common/README.md
b/metron-platform/metron-common/README.md
index cbea9dd..40f1289 100644
--- a/metron-platform/metron-common/README.md
+++ b/metron-platform/metron-common/README.md
@@ -80,30 +80,41 @@ This configuration is stored in zookeeper, but looks
something like
Various parts of our stack uses the global config are documented throughout
the Metron documentation,
but a convenient index is provided here:
-| Property Name
| Subsystem | Type | Ambari
Property |
-|---------------------------------------------------------------------------------------------------------------------|---------------|------------|----------------------------|
-| [`es.clustername`](../metron-elasticsearch#esclustername)
| Indexing | String |
`es_cluster_name` |
-| [`es.ip`](../metron-elasticsearch#esip)
| Indexing | String |
`es_hosts` |
-| [`es.port`](../metron-elasticsearch#esport)
| Indexing | String | `es_port`
|
-| [`es.date.format`](../metron-elasticsearch#esdateformat)
| Indexing | String |
`es_date_format` |
-| [`es.client.settings`](../metron-elasticsearch#esclientsettings)
| Indexing | Object | N/A
|
-| [`fieldValidations`](#validation-framework)
| Parsing | Object | N/A
|
-| [`parser.error.topic`](../metron-parsers#parsererrortopic)
| Parsing | String | N/A
|
-|
[`stellar.function.paths`](../../metron-stellar/stellar-common#stellarfunctionpaths)
| Stellar | CSV String | N/A
|
-|
[`stellar.function.resolver.includes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes)
| Stellar | CSV String | N/A |
-|
[`stellar.function.resolver.excludes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes)
| Stellar | CSV String | N/A |
-|
[`profiler.period.duration`](../../metron-analytics/metron-profiler#profilerperiodduration)
| Profiler | Integer |
`profiler_period_duration` |
-|
[`profiler.period.duration.units`](../../metron-analytics/metron-profiler#profilerperioddurationunits)
| Profiler | String | `profiler_period_units` |
-|
[`profiler.writer.batchSize`](../../metron-analytics/metron-profiler/#profilerwriterbatchsize)
| Profiler | Integer | N/A
|
-|
[`profiler.writer.batchTimeout`](../../metron-analytics/metron-profiler/#profilerwriterbatchtimeout)
| Profiler | Integer | N/A |
-| [`update.hbase.table`](../metron-indexing#updatehbasetable)
| REST/Indexing | String |
`update_hbase_table` |
-| [`update.hbase.cf`](../metron-indexing#updatehbasecf)
| REST/Indexing | String |
`update_hbase_cf` |
-| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile)
| Enrichment | String |
`geo_hdfs_file` |
-|
[`enrichment.writer.batchSize`](../metron-enrichment#enrichmentwriterbatchsize)
| Enrichment | Integer | N/A
|
-|
[`enrichment.writer.batchTimeout`](../metron-enrichment#enrichmentwriterbatchtimeout)
| Enrichment | Integer | N/A
|
-| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile)
| Enrichment | String |
`geo_hdfs_file` |
-| [`source.type.field`](../../metron-interface/metron-alerts#sourcetypefield)
| UI | String |
`source_type_field` |
-|
[`threat.triage.score.field`](../../metron-interface/metron-alerts#threattriagescorefield)
| UI | String |
`threat_triage_score_field` |
+| Property Name
| Subsystem | Type | Ambari
Property |
+|---------------------------------------------------------------------------------------------------------------------|---------------|------------|----------------------------------------|
+| [`es.clustername`](../metron-elasticsearch#esclustername)
| Indexing | String |
`es_cluster_name` |
+| [`es.ip`](../metron-elasticsearch#esip)
| Indexing | String |
`es_hosts` & `es_port` |
+| [`es.port`](../metron-elasticsearch#esport)
| Indexing | String | N/A
|
+| [`es.date.format`](../metron-elasticsearch#esdateformat)
| Indexing | String |
`es_date_format` |
+| [`es.client.settings`](../metron-elasticsearch#esclientsettings)
| Indexing | Object | N/A
|
+| [`solr.zookeeper`](../metron-solr#configuration)
| Indexing | String |
`solr_zookeeper_url` |
+| [`solr.commitPerBatch`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`solr.commit.soft`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`solr.commit.waitSearcher`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`solr.commit.waitFlush`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`solr.collection`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`solr.http.config`](../metron-solr#configuration)
| Indexing | String | N/A
|
+| [`fieldValidations`](#validation-framework)
| Parsing | Object | N/A
|
+| [`parser.error.topic`](../metron-parsers#parsererrortopic)
| Parsing | String |
`parser_error_topic` |
+|
[`stellar.function.paths`](../../metron-stellar/stellar-common#stellarfunctionpaths)
| Stellar | CSV String | N/A
|
+|
[`stellar.function.resolver.includes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes)
| Stellar | CSV String | N/A |
+|
[`stellar.function.resolver.excludes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes)
| Stellar | CSV String | N/A |
+|
[`profiler.period.duration`](../../metron-analytics/metron-profiler-storm#profilerperiodduration)
| Profiler | Integer | `profiler_period_duration`
|
+|
[`profiler.period.duration.units`](../../metron-analytics/metron-profiler-storm#profilerperioddurationunits)
| Profiler | String | `profiler_period_units` |
+|
[`profiler.client.period.duration`](../../metron-analytics/metron-profiler-storm#profilerperiodduration)
| Profiler | Integer | `profiler_period_duration`
|
+|
[`profiler.client.period.duration.units`](../../metron-analytics/metron-profiler-storm#profilerperioddurationunits)
| Profiler | String | `profiler_period_units` |
+|
[`profiler.writer.batchSize`](../../metron-analytics/metron-profiler-storm/#profilerwriterbatchsize)
| Profiler | Integer |
`profiler_kafka_writer_batch_size` |
+|
[`profiler.writer.batchTimeout`](../../metron-analytics/metron-profiler-storm/#profilerwriterbatchtimeout)
| Profiler | Integer | `profiler_kafka_writer_batch_timeout`
|
+| [`update.hbase.table`](../metron-indexing#updatehbasetable)
| REST/Indexing | String |
`update_hbase_table` |
+| [`update.hbase.cf`](../metron-indexing#updatehbasecf)
| REST/Indexing | String |
`update_hbase_cf` |
+| [`user.settings.hbase.table`](../metron-interface/metron-rest)
| REST/Indexing | String |
`user_settings_hbase_table` |
+| [`user.settings.hbase.cf`](../metron-interface/metron-rest)
| REST/Indexing | String |
`user_settings_hbase_cf` |
+| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile)
| Enrichment | String |
`geo_hdfs_file` |
+|
[`enrichment.writer.batchSize`](../metron-enrichment#enrichmentwriterbatchsize)
| Enrichment | Integer |
`enrichment_kafka_writer_batch_size` |
+|
[`enrichment.writer.batchTimeout`](../metron-enrichment#enrichmentwriterbatchtimeout)
| Enrichment | Integer |
`enrichment_kafka_writer_batch_timeout`|
+| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile)
| Enrichment | String |
`geo_hdfs_file` |
+| [`source.type.field`](../../metron-interface/metron-alerts#sourcetypefield)
| UI | String |
`source_type_field` |
+|
[`threat.triage.score.field`](../../metron-interface/metron-alerts#threattriagescorefield)
| UI | String |
`threat_triage_score_field` |
## Note Configs in Ambari
If a field is managed via ambari, you should change the field via
diff --git a/metron-platform/metron-solr/README.md
b/metron-platform/metron-solr/README.md
index ca90c73..cba4dd5 100644
--- a/metron-platform/metron-solr/README.md
+++ b/metron-platform/metron-solr/README.md
@@ -103,8 +103,8 @@ Elasticsearch is the real-time store used by default in
Metron. Solr can be ena
1. Stop the Metron Indexing component in Ambari.
1. Update Ambari UI -> Services -> Metron -> Configs -> Index Settings -> Solr
Zookeeper Urls to match the Solr installation described in the previous section.
1. Change Ambari UI -> Services -> Metron -> Configs -> Indexing -> Index
Writer - Random Access -> Random Access Search Engine to `Solr`.
-1. Set the `source.type.field` property to `source.type` in the [Global
Configuration](../metron-common#global-configuration).
-1. Set the `threat.triage.score.field` property to `threat.triage.score` in
the [Global Configuration](../metron-common#global-configuration).
+1. Change Ambari UI -> Services -> Metron -> Configs -> REST -> Source Type
Field Name to `source.type`.
+1. Change Ambari UI -> Services -> Metron -> Configs -> REST -> Threat Triage
Score Field Name to `threat.triage.score`.
1. Start the Metron Indexing component in Ambari.
1. Restart Metron REST and the Alerts UI in Ambari.
