Github user cestella commented on the issue: https://github.com/apache/incubator-metron/pull/501 # Testing Plan ## Preliminaries * Spin up the full-dev environment via `vagrant up` from `metron-deployment/vagrant/full-dev-platform` * Stop the "Metron" service in ambari and put it in maintenance mode. * Stop the sensor stubs * `service sensor-stubs stop` * Make sure the bro sensor stub is dead via `for i in $(ps -ef | grep start-bro-stub | awk '{print $2}');do kill -9 $i;done` * Install sensors without stubs by running the following from `metron-deployment/vagrant/full-dev-platform`: ``` vagrant --ansible-tags="sensors,bro,pycapa" --ansible-skip-tags="solr,flume,snort,yaf,sensor-test-mode" provision ``` * Set some environment variables to indicate `METRON_HOME`: ``` export METRON_HOME=/usr/metron/0.3.1 export HDP_HOME=/usr/hdp/current ``` ## Non Kerberized Environment Ensure that you can see bro data flowing with the base configuration by running the console consumer and ensuring bro data flows through: ``` ${HDP_HOME}/kafka-broker/bin/kafka-console-consumer.sh --bootstrap-server node1:6667 --zookeeper node1:2181 --topic bro ``` ## Kerberized Environment * Follow steps 1-10, 14-18 of the kerberization instructions for full-dev [here](https://github.com/mmiklavc/incubator-metron/blob/9ef9d5d97ca654c9120cae5e40eddfe69d6420a8/metron-deployment/vagrant/Kerberos-setup.md). * Create a new topic called `b_k` ``` export KERB_USER=metron; ${HDP_HOME}/kafka-broker/bin/kafka-topics.sh --zookeeper $ZOOKEEPER:2181 --create --topic b_k --partitions 1 --replication-factor 1 ${HDP_HOME}/kafka-broker/bin/kafka-acls.sh --authorizer kafka.security.auth.SimpleAclAuthorizer --authorizer-properties zookeeper.connect=node1:2181 --add --allow-principal User:${KERB_USER} --topic b_k; ``` * Edit `~/consumer.config` to contain the following: ``` group.id=b_k_grp ``` * Edit `/usr/local/bro/share/bro/site/local.bro` to configure the bro-kafka-plugin with the following (at the end of the document): ``` @load Bro/Kafka/logs-to-kafka.bro redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG); redef Kafka::topic_name = "b_k"; redef Kafka::tag_json = T; redef Kafka::kafka_conf = table( ["metadata.broker.list"] = "node1:6667" , ["security.protocol"] = "SASL_PLAINTEXT" , ["sasl.kerberos.keytab"] = "/etc/security/keytabs/metron.headless.keytab" , ["sasl.kerberos.principal"] = "met...@example.com" ); ``` * Redeploy bro via `/usr/local/bro/bin/broctl deploy` * Listen for messages on the `b_k` topic via ``` ${HDP_HOME}/kafka-broker/bin/kafka-console-consumer.sh --bootstrap-server node1:6667 --zookeeper node1:2181 --security-protocol SASL_PLAINTEXT --topic b_k --new-consumer --consumer.config ~/consumer.config ```
--- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---