[GitHub] metron issue #797: METRON-1243: Add a REST endpoint which allows us to get a...

Wed, 11 Oct 2017 11:56:57 -0700 

Github user cestella commented on the issue:

    https://github.com/apache/metron/pull/797
  
    # Testing Plan
    
    ## Basic Functionality
    * Ensure you can retrieve the elasticsearch indices set up in Metron and
      they include the default sensors:
      `curl -u user:password -X GET --header 'Accept: application/json' 
'http://node1:8082/api/v1/sensor/indexing/config/list/indices/elasticsearch'`
      * You should see the default sensors:
        * websphere
        * jsonMap
        * squid
        * error
        * snort
        * asa
        * bro
        * yaf
    * Delete the `websphere` parser
      `curl -u user:password -X DELETE --header 'Accept: */*' 
'http://node1:8082/api/v1/sensor/parser/config/websphere'`
    * Delete the `websphere` index config
      `curl -u user:password -X DELETE --header 'Accept: */*' 
'http://node1:8082/api/v1/sensor/indexing/config/websphere'`
    * Run the list indices command and ensure that websphere does not appear
      `curl -u user:password -X GET --header 'Accept: application/json' 
'http://node1:8082/api/v1/sensor/indexing/config/list/indices/elasticsearch'`
    ## Add a new parser
    * Add the websphere parser back
    ```
    curl -u user:password -X POST --header 'Content-Type: application/json' 
--header 'Accept: application/json' -d '{
      
"parserClassName":"org.apache.metron.parsers.websphere.GrokWebSphereParser",
      "sensorTopic":"websphere",
      "parserConfig":
      {
        "grokPath":"/patterns/websphere",
        "patternLabel":"WEBSPHERE",
        "timestampField":"timestamp_string",
        "dateFormat":"yyyy MMM dd HH:mm:ss"
      }
    }' 'http://node1:8082/api/v1/sensor/parser/config'
    ```
    * Run the list indices command and ensure that `websphere` does appear
      `curl -u user:password -X GET --header 'Accept: application/json' 
'http://node1:8082/api/v1/sensor/indexing/config/list/indices/elasticsearch'`
    
    ## Rename index name
    * Add the `websphere` indexing config back, renaming the index for 
elasticsearch to `webspheroid`
    ```
    curl -u user:password -X POST --header 'Content-Type: application/json' 
--header 'Accept: application/json' -d '{
      "hdfs" : {
        "index": "websphere",
        "batchSize": 5,
        "enabled" : true
      },
      "elasticsearch" : {
        "index": "webspheroid",
        "batchSize": 5,
        "enabled" : true
      },
      "solr" : {
        "index": "websphere",
        "batchSize": 5,
        "enabled" : true
      }
    }' 'http://node1:8082/api/v1/sensor/indexing/config/websphere'
    ```
    * Run the list indices command and ensure that `websphere` does not appear, 
but `webspheroid` does
      `curl -u user:password -X GET --header 'Accept: application/json' 
'http://node1:8082/api/v1/sensor/indexing/config/list/indices/elasticsearch'`
    * Run the list indices command for the hdfs writer and ensure that 
`websphere` exists and not `webspheroid`
      `curl -u user:password -X GET --header 'Accept: application/json' 
'http://node1:8082/api/v1/sensor/indexing/config/list/indices/hdfs'`
    



---

Reply via email to