ed de created METRON-1256:
-----------------------------
Summary: CEF parser only finding "Found %d groups" for Zscaler
traffic
Key: METRON-1256
URL: https://issues.apache.org/jira/browse/METRON-1256
Project: Metron
Issue Type: Bug
Affects Versions: 0.4.1
Environment: Apache Metron 0.4.1 in AWS, being fed Zscaler traffic in
CEF format.
Reporter: ed de
Zscaler logs are flowing from Zscaler -> NiFi -> Kafka -> Storm.
Storm logs are showing the following INFO message:
2017-09-26 18:02:49.974 o.a.m.p.c.CEFParser [INFO] Found %d groups
The concern is that the logs are not actually being processed and this error
message indicates a loss of visibility in the log parsing. If this is not
true, then maybe the message can be modified to reflect this?