Re: HBaseDao and IndexDao abstraction

Hi All, I have got a solution for this using SHEW ( Simple HBase Enrichment Writer ) which is documented in confluence but not in metron current book documentation

Re: HBaseDao and IndexDao abstraction

Mike, Thanks for replying. I had gone through it already and we are indexing our Active Directory logs to hdfs by streaming from Splunk. But I have a requirement of maintaining Active Directory asset inventory ( Just list of asset and their status not historic data) along with AD event indexing.

Re: HBaseDao and IndexDao abstraction

Hi Muhammed, I think you probably want to start with our parser infrastructure rather than the DAO's for what you're doing. This series of blog posts gives a use case driven walkthrough that should help shed some light on things: Part 1 (start here) -