Github user cestella commented on the issue:
https://github.com/apache/incubator-metron/pull/501
# Testing Plan
## Preliminaries
* Spin up the full-dev environment via `vagrant up` from
`metron-deployment/vagrant/full-dev-platform`
* Stop the "Metron" service in ambari and put it in maintenance mode.
* Stop the sensor stubs
* `service sensor-stubs stop`
* Make sure the bro sensor stub is dead via `for i in $(ps -ef | grep
start-bro-stub | awk '{print $2}');do kill -9 $i;done`
* Install sensors without stubs by running the following from
`metron-deployment/vagrant/full-dev-platform`:
```
vagrant --ansible-tags="sensors,bro,pycapa"
--ansible-skip-tags="solr,flume,snort,yaf,sensor-test-mode" provision
```
* Set some environment variables to indicate `METRON_HOME`:
```
export METRON_HOME=/usr/metron/0.3.1
export HDP_HOME=/usr/hdp/current
```
## Non Kerberized Environment
Ensure that you can see bro data flowing with the base configuration by
running the console consumer and ensuring bro data flows through:
```
${HDP_HOME}/kafka-broker/bin/kafka-console-consumer.sh --bootstrap-server
node1:6667 --zookeeper node1:2181 --topic bro
```
## Kerberized Environment
* Follow steps 1-10, 14-18 of the kerberization instructions for full-dev
[here](https://github.com/mmiklavc/incubator-metron/blob/9ef9d5d97ca654c9120cae5e40eddfe69d6420a8/metron-deployment/vagrant/Kerberos-setup.md).
* Create a new topic called `b_k`
```
export KERB_USER=metron;
${HDP_HOME}/kafka-broker/bin/kafka-topics.sh --zookeeper $ZOOKEEPER:2181
--create --topic b_k --partitions 1 --replication-factor 1
${HDP_HOME}/kafka-broker/bin/kafka-acls.sh --authorizer
kafka.security.auth.SimpleAclAuthorizer --authorizer-properties
zookeeper.connect=node1:2181 --add --allow-principal User:${KERB_USER} --topic
b_k;
```
* Edit `~/consumer.config` to contain the following:
```
group.id=b_k_grp
```
* Edit `/usr/local/bro/share/bro/site/local.bro` to configure the
bro-kafka-plugin with the following (at the end of the document):
```
@load Bro/Kafka/logs-to-kafka.bro
redef Kafka::logs_to_send = set(HTTP::LOG, DNS::LOG);
redef Kafka::topic_name = "b_k";
redef Kafka::tag_json = T;
redef Kafka::kafka_conf = table( ["metadata.broker.list"] = "node1:6667"
, ["security.protocol"] = "SASL_PLAINTEXT"
, ["sasl.kerberos.keytab"] =
"/etc/security/keytabs/metron.headless.keytab"
, ["sasl.kerberos.principal"] =
"met...@example.com"
);
```
* Redeploy bro via `/usr/local/bro/bin/broctl deploy`
* Listen for messages on the `b_k` topic via
```
${HDP_HOME}/kafka-broker/bin/kafka-console-consumer.sh --bootstrap-server
node1:6667 --zookeeper node1:2181 --security-protocol SASL_PLAINTEXT --topic
b_k --new-consumer --consumer.config ~/consumer.config
```
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
