Github user anandsubbu commented on a diff in the pull request:
https://github.com/apache/metron/pull/817#discussion_r147699187
--- Diff: metron-platform/metron-elasticsearch/README.md ---
@@ -81,3 +81,13 @@ curl -XPUT
"http://${ELASTICSEARCH}:9200/${SENSOR}_index*/_mapping/${SENSOR}_doc
'
rm ${SENSOR}.template
```
+
+## Installing Elasticsearch Templates
+
+The stock set of Elasticsearch templates for bro, snort, yaf, error index
and meta index are installed automatically during the first time install and
startup of Metron Indexing service.
+
--- End diff --
Ah okay, this comment and review is the same scenario described in the
README as:
> It is possible that Elasticsearch service is not available when the
Metron Indexing Service startup, in that case the Elasticsearch template will
not be installed. For such a scenario, an Admin can install the template
manually from the Ambari UI by following the below flow:
>
> Ambari UI -> Services -> Metron -> Service Actions -> Elasticsearch
Template Install
---
