[GitHub] metron pull request #714: METRON-1128: MAAS_GET_ENDPOINT - Unable to resolve...

Tue, 29 Aug 2017 06:22:05 -0700 

Github user anandsubbu commented on a diff in the pull request:

    https://github.com/apache/metron/pull/714#discussion_r135786862
  
    --- Diff: metron-analytics/metron-maas-service/README.md ---
    @@ -126,16 +126,20 @@ Now let's install some prerequisites:
     Start Squid via `service squid start`
     
     Now that we have flask and jinja, we can create a mock DGA service to 
deploy with MaaS:
    -* Download the files in 
[this](https://gist.github.com/cestella/cba10aff0f970078a4c2c8cade3a4d1a) gist 
into the `/root/mock_dga` directory
    -* Make `rest.sh` executable via `chmod +x /root/mock_dga/rest.sh`
    +* Download the files in 
[this](https://gist.github.com/cestella/cba10aff0f970078a4c2c8cade3a4d1a) gist 
into the `$HOME/mock_dga` directory
    +* Make `rest.sh` executable via `chmod +x $HOME/mock_dga/rest.sh`
     
     This service will treat `yahoo.com` and `amazon.com` as legit and 
everything else as malicious.  The contract is that the REST service exposes an 
endpoint `/apply` and returns back JSON maps with a single key `is_malicious` 
which can be `malicious` or `legit`.
     
     ## Deploy Mock DGA Service via MaaS
     
    +The following presumes that you are a logged in as a user who has a
    +home directory in HDFS under `/user/$USER`.  If you do not, please create 
one
    +and ensure the permissions are set appropriate.
    +
     Now let's start MaaS and deploy the Mock DGA Service:
     * Start MaaS via `$METRON_HOME/bin/maas_service.sh -zq node1:2181`
    -* Start one instance of the mock DGA model with 512M of memory via 
`$METRON_HOME/bin/maas_deploy.sh -zq node1:2181 -lmp /root/mock_dga -hmp 
/user/root/models -mo ADD -m 512 -n dga -v 1.0 -ni 1`
    +* Start one instance of the mock DGA model with 512M of memory via 
`$METRON_HOME/bin/maas_deploy.sh -zq node1:2181 -lmp $HOME/mock_dga -hmp 
/user/$USER/models -mo ADD -m 512 -n dga -v 1.0 -ni 1`
    --- End diff --
    
    I bumped into the same issue that @mmiklavc described. Turns out that the 
HDFS folder owner and group needs to be owned by the same user (e.g. metron) 
and then the LIST command worked fine. 
    
    After this, I was able to follow the steps and everything worked fine. I 
was able to get the squid indices generated with the `is_alert` and 
`is_malicious` fields set correctly.  
    
    +1 (non-binding) from my side. Thank you @cestella !


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---

Reply via email to