Re: Installation Issues

Syed, Have you checked if Ambari is running on the node? And if it is can you login and check what part the cluster deploy failed at. Regards, Aaron From: Syed Hammad Tahir Sent: Wednesday, 27 September, 06:28 Subject: Installation Issues To: user@metron.apache.org Cc: Muhammad Umar Janjua

Re: Not seeing any Metron alerts.

Probably, though there are things (unlikely things) you can do to templates that would prevent that. > On 26 Sep 2017, at 17:25, Laurens Vets wrote: > > Why would I need to update my ES template? I should see the field (possibly > with the wrong type) anyways in the event

Re: Not seeing any Metron alerts.

After setting is_alert to true, this field is now shown in my event in Kibana. I would expect there also to be a field "threat:triage:level" in those same events (if my rules work?) On 2017-09-25 16:46, zeo...@gmail.com wrote: > I was quickly reading through this on my mobile device so sorry if