Re: Elastic search in metron

2020-03-08 Thread Farrukh Naveed Anjum
pecific to Elastic search version 5.6 . Can I upgrade the > > Elastic search. > > > > Thanks and Regards, > > Hema > > > -- *Best Regards* Farrukh Naveed Anjum *M:* +92 321 5083954 (WhatsApp Enabled) *W:* http://www.farrukhnaveed.net/

Re: Metron with Zeek not working.

2019-12-06 Thread Farrukh Naveed Anjum
bin/kafka-console-producer.sh --broker-list ip1:6667,ip2:6667 --topic > topicname > > bin/kafka-console-consumer.sh --bootstrap-server ip1:6667,ip2:6667 --topic > topicname > Hope this helps. > > Thanks and Regards, > Hema > > On Fri, 6 Dec, 2019, 1:45 PM Farru

Re: Metron with Zeek not working.

2019-12-06 Thread Farrukh Naveed Anjum
Thanks for help Hema, It was port 6667 that I need to send data to. It is working fine with Zeek now. On Fri, Dec 6, 2019 at 1:14 PM Farrukh Naveed Anjum wrote: > Hi, > > Please do find attached detailed configs > > On Fri, Dec 6, 2019 at 1:10 PM Farrukh Naveed Anjum

Re: Metron with Zeek not working.

2019-12-06 Thread Farrukh Naveed Anjum
ards, > Hema > On Fri, 6 Dec, 2019, 11:48 AM Farrukh Naveed Anjum, < > anjum.farr...@gmail.com> wrote: > >> Hi, >> >> Can you please suggest what port I should use. Metron Documentation says >> 6667 (For Kafka) I tried both 6667 and 9092 but did not recei

Re: Metron with Zeek not working.

2019-12-05 Thread Farrukh Naveed Anjum
2-06 09:23:23,434] WARN [Producer clientId=console-producer] >>> Connection to node -3 could not be established. Broker may not be >>> available. (org.apache.kafka.clients.NetworkClient) >>> >>> >>> Any suggestion what can I do ? >>> >>> &

Metron with Zeek not working.

2019-12-05 Thread Farrukh Naveed Anjum
;] = "localhost:6667", ["client.id"] = "bro" ); I have 1 name node, 2 data nodes. Kafka does not seem to be receiving data from either Zeek or Snort. It keeps saying broker may not be available stuff. Any suggestion ? -- *Best Regards* Farrukh Naveed Anjum

Re: metron-bro-plugin-kafka error

2019-12-04 Thread Farrukh Naveed Anjum
logs in I see new connection logs being added. However, I don't >> see any messages in Kafka console consumer. What am I missing? How do I go >> about debugging this? >> Thank you for your help and assistance. >> Best regards, >> Sanket >> -- >> *From:* zeo...@gmail.com >> *Sent:* Tuesday, July 2, 2019 11:46 AM >> *To:* user@metron.apache.org >> *Subject:* Re: metron-bro-plugin-kafka error >> Did you install it manual or with bro-pkg/zkg? I believe bro-pkg was >> renamed to zkg as of their 2.0 release but I haven't used it in a little >> while. Any more details regarding the installation process, or versions of >> software in use may be helpful >> Jon Zeolla >> On Tue, Jul 2, 2019, 12:26 AM Sanket Sharma >> wrote: >> Hi, >> I’m trying to configure Metron bro plugin by following instructions here: >> https://github.com/apache/metron-bro-plugin-kafka >> I’m able to build/install the plugin successfully but when I test it >> using the command: >> $ bro -N Apache::Kafka >> I get the following error: >> fatal error in /opt/bro/share/bro/base/init-bare.bro, line 1: cannot load >> plugin library /opt/bro/lib/bro/plugins/APACHE_KAFKA//lib/ >> APACHE-KAFKA.linux-x86_64.so: /opt/bro/lib/bro/plugins/APACHE_KAFKA//lib/ >> APACHE-KAFKA.linux-x86_64.so: undefined symbol: >> bro_version_2_6_558_plugin_7 >> Not sure what am I missing? Any help would be greatly appreciated. >> Best regards, >> Sanket >> -- *Best Regards* Farrukh Naveed Anjum *M:* +92 321 5083954 (WhatsApp Enabled) *W:* https://www.farrukh.cc/

Re: Profiler Examples Not working

2019-07-22 Thread Farrukh Naveed Anjum
Thanks :) On Mon, Jul 22, 2019 at 3:53 PM Simon Elliston Ball < si...@simonellistonball.com> wrote: > Looks like you did not initialise a profiler. Checkout profiler init, and > the early part of the examples. > > On Mon, 22 Jul 2019 at 11:04, Farrukh Naveed Anjum < >

Profiler Examples Not working

2019-07-22 Thread Farrukh Naveed Anjum
olExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: java.lang.NullPointerException at org.apache.metron.profiler.repl.ProfilerFunctions$ProfilerApply.apply(ProfilerFunctions.java:140) at org.apache.metron.stellar.common.StellarCompiler.lambda$exitTransformationFunc$13(Ste

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-27 Thread Farrukh Naveed Anjum
How can I delete topics and purge Data in Kafka ? On Wed, Mar 27, 2019, 8:16 PM Farrukh Naveed Anjum wrote: > It's in the KAFKA ERROR > > On Mon, Mar 25, 2019, 6:08 PM Michael Miklavcic < > michael.miklav...@gmail.com> wrote: > >> Check out your error index in es o

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-27 Thread Farrukh Naveed Anjum
It's in the KAFKA ERROR On Mon, Mar 25, 2019, 6:08 PM Michael Miklavcic wrote: > Check out your error index in es or solr > > On Mon, Mar 25, 2019, 12:10 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Hi, >> Please do find the attached screens

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-24 Thread Farrukh Naveed Anjum
o change it via the storm settings in Ambari. > > On Sun, Mar 24, 2019, 10:39 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Where should I look slots are there >> >> On Sun, Mar 24, 2019, 10:37 PM Michael Miklavcic < >> michael.miklav.

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-24 Thread Farrukh Naveed Anjum
Any reason I am not getting error in Storm UI On Sun, Mar 24, 2019, 10:50 PM Farrukh Naveed Anjum wrote: > It is 1 > > On Sun, Mar 24, 2019, 10:47 PM Michael Miklavcic < > michael.miklav...@gmail.com> wrote: > >> Check out the storm UI. I'm not in front of a computer

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-24 Thread Farrukh Naveed Anjum
s like messages aren't making it to the enrichment topic. Afa the > indexing topology you might double check that you have enough Storm slots > available. > > On Sun, Mar 24, 2019, 10:26 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Hi, Can you please

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-24 Thread Farrukh Naveed Anjum
Hi, Can you please approve and answer this question? I know user support is optional and voluntary On Sun, Mar 24, 2019 at 7:35 PM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Furthermore, Metron Indexing Process Shows Stopped in Ambari after > starting for few minutes.

Re: Metron 0.7.1 (METRON INDEXING) bug

2019-03-24 Thread Farrukh Naveed Anjum
roblem. with this.. I build 0.7.0 successfully and deployed a month ago but right now neither 0.7.0 nor 0.7.1 are working. I installed it on baremetal machine. On Sun, Mar 24, 2019 at 7:32 PM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi, > > I am experiencing the bug in meanwh

Re: Strange Bug (Unable to Start the Metron Indexing)

2019-03-21 Thread Farrukh Naveed Anjum
Any Idea / help will be appreciated On Thu, Mar 21, 2019 at 2:56 PM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > 2019-03-21 14:48:54,401 - Retrying after 5 seconds. Reason: Execution of > '/usr/metron/0.7.0/bin/start_hdfs_topology.sh' returned 1. Running: > /usr/jdk64/

Strange Bug (Unable to Start the Metron Indexing)

2019-03-21 Thread Farrukh Naveed Anjum
e.clj:5865) at clojure.lang.RestFn.invoke(RestFn.java:408) at clojure.lang.Var.invoke(Var.java:379) at org.apache.storm.command.config_value.(Unknown Source) -- With Regards Farrukh Naveed Anjum

Re: Help regarding Parser Configuration

2019-02-25 Thread Farrukh Naveed Anjum
:39445 -> 8.8.8.8:53 On Tue, Feb 26, 2019 at 10:32 AM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > { > "_index": "bro_index_2019.02.26.10", > "_type": "bro_doc", > "_id": "2ecb0750-00c5-

Re: Help regarding Parser Configuration

2019-02-20 Thread Farrukh Naveed Anjum
se tell me how can i extract *Classification*, *Priority*, *UDP *(*From*) --> (*To*) IP. How can I extract fields and apply the Parser Chaining in it ? On Wed, Feb 20, 2019 at 10:08 PM Simon Elliston Ball < si...@simonellistonball.com> wrote: > You might like to look into parser

Help regarding Parser Configuration

2019-02-19 Thread Farrukh Naveed Anjum
P From -> To IPs. Can I make some kind of configurations in Bro Parser to get this information Back As *Classification * *Priority * *TCP *From *TCP *To Any guidance will be great help. -- With Regards Farrukh Naveed Anjum

Re: Unable to use Syslog Parser

2019-02-14 Thread Farrukh Naveed Anjum
hing that is possible obviously. > > As a note, this same library is used in nifi for the 5424 processor/ record > reader as well. > > > > > On February 13, 2019 at 05:54:42, Farrukh Naveed Anjum ( > anjum.farr...@gmail.com) wrote: > > Hi, > I am trying to utilize f

Unable to use Syslog Parser

2019-02-13 Thread Farrukh Naveed Anjum
-1.1.0.2.6.5.1050-37.jar:1.1.0.2.6.5.1050-37] at clojure.lang.AFn.run(AFn.java:22) [clojure-1.7.0.jar:?] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_112] -- With Regards Farrukh Naveed Anjum

Unable to find the paths of YAF

2019-02-11 Thread Farrukh Naveed Anjum
Could not find grok statement in HDFS or classpath at /patterns/yaf I am getting this Error in YAF -- With Regards Farrukh Naveed Anjum

Re: Build Stuck up in version 0.7

2019-01-02 Thread Farrukh Naveed Anjum
--- [INFO] Building tar: /root/metron/metron-interface/metron-rest/target/metron-rest-0.7.0-archive.tar.gz I had kept waiting for 1 day to get it done ? Why is it taking so long or getting stuck. Any help will be appreciated. On Wed, Jan 2, 2019 at 4:01 PM Farrukh Naveed Anjum wrote: > Hi, >

Build Stuck up in version 0.7

2019-01-02 Thread Farrukh Naveed Anjum
/target/metron-rest-0.7.0-archive.tar.gz Any way to resolve this? -- With Regards Farrukh Naveed Anjum

Re: Data Rotation and Deletion Scripts for Metron

2018-12-30 Thread Farrukh Naveed Anjum
Any suggestions ? to get rid of classic data and save up some space. On Wed, Dec 26, 2018 at 8:09 PM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Any exact command / example ? I am using BRO Tool for Log Collection > > On Wed, Dec 26, 2018 at 6:03 PM zeo...@g

Re: Data Rotation and Deletion Scripts for Metron

2018-12-26 Thread Farrukh Naveed Anjum
ob/master/metron-platform/metron-data-management/README.md#pruning-data-from-elasticsearch > > I don't know if the HDFS job still exists or not, but it used to. > > Jon > > On Wed, Dec 26, 2018, 2:06 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Hi

Data Rotation and Deletion Scripts for Metron

2018-12-25 Thread Farrukh Naveed Anjum
. -- With Regards Farrukh Naveed Anjum

Re: Metron Release 0.6.0 fails to compile metron-config

2018-12-03 Thread Farrukh Naveed Anjum
). > > In the following PR you could find some more details about the issue: > https://github.com/apache/metron/pull/1285 > > Hope it helps! > > Regards, > Tibor > -- With Regards Farrukh Naveed Anjum

Re: Metron Release 0.6.0 fails to compile metron-config

2018-11-30 Thread Farrukh Naveed Anjum
Hi, Awaiting answer ? On Fri, Nov 30, 2018, 4:45 PM Farrukh Naveed Anjum I tried hard to run the > mvn clean package -DskipTests -T 2C -P HDP-2.5.0.0,mpack > > but metron-config failed, after reading the comments from one post i tried > to run npm install (in metron-config) folder.

Metron Release 0.6.0 fails to compile metron-config

2018-11-30 Thread Farrukh Naveed Anjum
ot a problem with npm itself npm ERR! enoent and is related to npm not being able to find a file. npm ERR! enoent npm ERR! Please include the following file with any support request: npm ERR! /root/metron/metron-interface/metron-config/npm-debug.log -- With Regards Farrukh Naveed Anjum

Unable to start Enrichment toplolgy

2018-11-01 Thread Farrukh Naveed Anjum
Message was in the join cache too long which may be caused by slow enrichments/threatintels. Increase the maxTimeRetain setting. at org.apache.metron.enrichment.bolt.JoinBolt$ -- With Regards Farrukh Naveed Anjum

Re: Unable to Start Metron REST (With X-PACK)

2018-10-19 Thread Farrukh Naveed Anjum
DB setup steps are manual > for other DB install options. > > On Thu, Oct 18, 2018 at 11:45 PM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Guys, Please help what could be the potential causes ? I am unable to fix >> this problem with Logs. No info th

Re: Unable to Start Metron REST (With X-PACK)

2018-10-18 Thread Farrukh Naveed Anjum
Guys, Please help what could be the potential causes ? I am unable to fix this problem with Logs. No info there ??? On Wed, Oct 17, 2018 at 3:59 PM Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi, > > I have Installed Baremetal 0.6.0 on Ambari 2.6 after installing X

Unable to Start Metron REST (With X-PACK)

2018-10-17 Thread Farrukh Naveed Anjum
-10-17 12:46:35,925 - Skipping stack-select on METRON because it does not exist in the stack-select package structure. Rather It keeps saying this info message. Any Idea What should I do ? -- With Regards Farrukh Naveed Anjum

How to Create elasticsearch-xpack-shaded-5.6.2.jar

2018-10-10 Thread Farrukh Naveed Anjum
Hi, I am trying to create elasticsearch-xpack-shaded-5.6.2.jar Can some one please send me its downloadable link or steps how can I create this ? -- With Regards Farrukh Naveed Anjum

Re: Upgrading to Elasticsearch 5.6

2018-10-06 Thread Farrukh Naveed Anjum
ork on other > 5.x installations due to the variability of the API. Once the shift to REST > occurs, there should be more stable support for incremental ES versions in > Metron. > > On Fri, Oct 5, 2018 at 11:05 AM Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >>

Upgrading to Elasticsearch 5.6

2018-10-03 Thread Farrukh Naveed Anjum
[None of the configured nodes are available: [{#transport#-1}{127.0.0.1}{cogito/127.0.0.1:9300}]] at org.elasticsearch.client.transport.TransportClientNodesService.ensureNodes Any idea how to resolve this ? -- With Regards Farrukh Naveed Anjum

Upgrading to ElasticSearch 6 (GEOPoints)

2018-10-02 Thread Farrukh Naveed Anjum
;*", "mapping": { "type": "float" } } }, { "geo_longitude": { "match": "enrichments:geo:*:longitude", "match_mapping_type": "*", "mapping": { "type": "float" } } }, -- With Regards Farrukh Naveed Anjum

CEF Parser not Indexing data via Nifi (SysLogs)

2018-07-20 Thread Farrukh Naveed Anjum
tried bro for it. But even it keeps giving PARSER Error. Any help ? Fast will be appreciated. -- With Regards Farrukh Naveed Anjum

Re: Parser Error while Snort IDS usage

2018-06-28 Thread Farrukh Naveed Anjum
or’s dateFormat > > https://metron.apache.org/current-book/metron-platform/ > metron-parsers/index.html shows a sample. See ‘Sample configuration for > a sensor’. > > > On June 28, 2018 at 02:16:42, Farrukh Naveed Anjum ( > anjum.farr...@gmail.com) wrote: > > Hi, > >

Parser Error while Snort IDS usage

2018-06-28 Thread Farrukh Naveed Anjum
/28-02:06:47.976325 ,1,384,5,"ICMP PING",ICMP,92.222.185.1,,158.69.118.104,,00:FF:FF:FF:FF:FD,0C:C4:7A:79:83:7C,0x3C,,10,8,1,32,32768,8,0,53517,1 06/28-02:06:47.976378 ,1,408,5,"ICMP Echo Reply",ICMP,158.69.118.104,,92.222.185.1,,0C:C4:7A:79:83:7C,00:FF:FF:FF:FF:FF,0x2E,,64,8,16112,32,32768,0,0,53517,1 06/28-02:06:50.865988 ,1,384,5,"ICMP PING",ICMP,167.114.37.1,,158.69.118.104,,00:FF:FF:FF:FF:FD,0C:C4:7A:79:83:7C,0x3C,,12,8,1,32,32768,8,0,743,1 06/28-02:06:50.866029 ,1,408,5,"ICMP Echo Reply",ICMP,158.69.118.104,,167.114.37.1,,0C:C4:7A:79:83:7C,00:FF:FF:FF:FF:FF,0x2E,,64,8,21484,32,32768,0,0,743,1 06/28-02:06:50.945076 ,1,384,5,"ICMP PING",ICMP,92.222.186.1,,158.69.118.104,,00:FF:FF:FF:FF:FD,0C:C4:7A:79:83:7C,0x3C,,10,8,1,32,32768,8,0,65520,1 06/28-02:06:50.945110 ,1,408,5,"ICMP Echo Reply",ICMP,158.69.118.104,,92.222.186.1,,0C:C4:7A:79:83:7C,00:FF:FF:FF:FF:FF,0x2E,,64,8,5723,32,32768,0,0,65520,1 06/28-02:06:51.060311 ,1,384,5,"ICMP PING",ICMP,92.222.184.1,,158.69.118.104,,00:FF:FF:FF:FF:FD,0C:C4:7A:79:83:7C,0x3C,,11,8,1,32,32768,8,0,33127,1 06/28-02:06:51.060362 ,1,408,5,"ICMP Echo Reply",ICMP,158.69.118.104,,92.222.184.1,,0C:C4:7A:79:83:7C,00:FF:FF:FF:FF:FF,0x2E,,64,8,21176,32,32768,0,0,33127,1 -- With Regards Farrukh Naveed Anjum

TAXII Feeds with Metron

2018-05-20 Thread Farrukh Naveed Anjum
could not be found. Any help how to install it as service and integrate it with metron will be appreciated ? -- With Regards Farrukh Naveed Anjum

Map visualizations (Geo Map) not working in Kibana

2018-03-27 Thread Farrukh Naveed Anjum
Hi, I hope you guy also saw the issue of mapquest.com charging now for API Key. Is there any fix to it ? -- With Regards Farrukh Naveed Anjum

Metron 0.4.3 (bug)

2018-01-24 Thread Farrukh Naveed Anjum
Metron Management UI Keeps Loading, No error is logged in error logs. -- With Regards Farrukh Naveed Anjum

Metron 0.4.2 Compile Error

2018-01-24 Thread Farrukh Naveed Anjum
p 1] -- With Regards Farrukh Naveed Anjum

Re: Indexing Bolt Error

2018-01-24 Thread Farrukh Naveed Anjum
Any Idea how to fix this up ? On Wed, Jan 24, 2018 at 1:27 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi, > > I am getting this error while starting up squid parsing again. Upon > restarting *Apache Storm* Indexing Bolt is showing up this error any id

Indexing Bolt Error

2018-01-24 Thread Farrukh Naveed Anjum
(util.clj:484) [storm-core-1.0.1.2.5.3.0-37.jar:1.0.1.2.5.3.0-37] at clojure.lang.AFn.run(AFn.java:22) [clojure-1.7.0.jar:?] at java.lang.Thread.run(Thread.java:745) [?:1.8.0_77] -- With Regards Farrukh Naveed Anjum

Re: SysLog using CEF Parser (RSysLogs)

2018-01-22 Thread Farrukh Naveed Anjum
Any suggestion how to fix that ? On Mon, Jan 22, 2018 at 9:01 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi Simon, > > Thanks for replying yes, these are indexing bolt errors. I am basically > trying to forward RSyslog via Nifi. It comes down all the way til

Re: SysLog using CEF Parser (RSysLogs)

2018-01-22 Thread Farrukh Naveed Anjum
Even I am stuck with the same, and don't know how to solve the issue. > > Looks like this is a parsing error > > On 22 January 2018 at 13:00, Farrukh Naveed Anjum <anjum.farr...@gmail.com > > wrote: > >> Hi, >> >> I am trying to Ingest syslog using CEF Pa

Re: Getting Syslogs to Metron

2018-01-21 Thread Farrukh Naveed Anjum
Hi Guys, It seems like we are able to make NIFI connection and data indeed is going through KAFKA Topic yet using CEF Parser (SysLogs) we are unable to create the elastic search index. On Mon, Jan 22, 2018 at 12:32 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > H

Re: Getting Syslogs to Metron

2018-01-21 Thread Farrukh Naveed Anjum
wrote: > But I can't find how to configure it > > On 16 January 2018 at 11:38, Farrukh Naveed Anjum <anjum.farr...@gmail.com > > wrote: > >> yes, do configure it as per metron reference usecase >> >> On Tue, Jan 16, 2018 at 8:35 AM, Gaurav Bapat <gauravb3..

Re: Metron Reference Application (Profiling Your Streams Fails)

2018-01-15 Thread Farrukh Naveed Anjum
ang.Thread.run(Thread.java:748) On Tue, Jan 16, 2018 at 11:14 AM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Thanks, > > It seems to have worked for me. > > On Mon, Jan 15, 2018 at 7:37 PM, Simon Elliston Ball < > si...@simonellistonball.com> wrote:

Re: Metron Reference Application (Profiling Your Streams Fails)

2018-01-15 Thread Farrukh Naveed Anjum
Thanks, It seems to have worked for me. On Mon, Jan 15, 2018 at 7:37 PM, Simon Elliston Ball < si...@simonellistonball.com> wrote: > Looks like a docs typo on the wiki: > > What you need is CONFIG_PUT(“PROFILER”, profilerConfig) > > Simon > > > On 15 Jan 2018,

Re: Getting Syslogs to Metron

2018-01-15 Thread Farrukh Naveed Anjum
from Kafka is what I am getting in Kafka, >>>> am I missing some configuration with Kafka? >>>> >>>> On 15 January 2018 at 16:50, Gaurav Bapat <gauravb3...@gmail.com> >>>> wrote: >>>> >>>>> Hi Farrukh, >>>&g

Re: Getting Syslogs to Metron

2018-01-15 Thread Farrukh Naveed Anjum
16 GB RAM and I have allocated 12 GB > RAM to my vagrant VM. > > I don't understand how to configure Kafka broker because it is giving me > failed while waiting for acks to Kafka > > > > On 15 January 2018 at 16:10, Farrukh Naveed Anjum <anjum.farr...@gmail.com > >

Re: Metron Reference Application (Profiling Your Streams Fails)

2018-01-15 Thread Farrukh Naveed Anjum
Can you help on this ? On Mon, Jan 15, 2018 at 3:42 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Any Idea of getting rid of this problem ? > > On Mon, Jan 15, 2018 at 3:38 PM, Farrukh Naveed Anjum < > anjum.farr...@gmail.com> wrote: > >> Hi, >

Re: Metron Reference Application (Profiling Your Streams Fails)

2018-01-15 Thread Farrukh Naveed Anjum
Any Idea of getting rid of this problem ? On Mon, Jan 15, 2018 at 3:38 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi, > > I am trying to setup up Metron Reference Application (SQUID) Example given > on main metron website. > > I am facing a proble

Re: Getting Syslogs to Metron

2018-01-15 Thread Farrukh Naveed Anjum
with broker config, how to configure Kafka and Zookeeper port? > > On 15 January 2018 at 13:23, Farrukh Naveed Anjum <anjum.farr...@gmail.com > > wrote: > >> Hi, >> >> I had similar issue it turned out to be the issue in STORM >> >> No wor

Metron Reference Application (Profiling Your Streams Fails)

2018-01-15 Thread Farrukh Naveed Anjum
:152) at org.apache.metron.stellar.common.shell.StellarExecutor.execute(StellarExecutor.java:287) at org.apache.metron.stellar.common.shell.StellarShell.handleStellar(StellarShell.java:270) at org.apache.metron.stellar.common.shell.StellarShell.execute(StellarShell.java:409) at org.jboss.aesh.console.AeshProcess.run(AeshProcess.java:53) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) How can I solve this problem -- With Regards Farrukh Naveed Anjum

Re: ElasticSearch Indexing not working (Strom Error)

2018-01-10 Thread Farrukh Naveed Anjum
elasticsearch index. Any Idea where can I debug why indices are not being created. I can confirm Elasticsearch is up and running. On Wed, Jan 10, 2018 at 7:45 PM, Otto Fowler <ottobackwa...@gmail.com> wrote: > Please reply to the list > > > On January 10, 2018 at 09:37:45, Fa

Re: ElasticSearch Indexing not working (Strom Error)

2018-01-10 Thread Farrukh Naveed Anjum
Please some one respond On Mon, Jan 8, 2018 at 1:10 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > Hi, > > I am unable to see any ElasticSearch Index in kibana or in elasticsearch > plugin > > http://node1:9200/_plugin/head/ > > After loo

Re: Installing Metron 0.4.1

2018-01-09 Thread Farrukh Naveed Anjum
ed at the package.json file in >>> /home/admin/metron/metron-interface/metron-config/ >>> and noticed that tough-cookie is not listed as a dependency. >>> >>> I tried npm install tough-cookie in that directory and when I re-run the >>> mvn command it doesn't fail on the tough-cookie dependency, but it does >>> fail on another missing dependency. >>> >>> If there is any insight you could provide to help me get metron set up, >>> it would be greatly appreciated. >>> >>> Thank you for your time. >>> >>> -Tarik >>> >> >> > -- With Regards Farrukh Naveed Anjum

ElasticSearch Indexing not working (Strom Error)

2018-01-08 Thread Farrukh Naveed Anjum
at org.apache.metron.enrichment.adapters.geo.GeoLiteDatabase.update(GeoLiteDatabase.java:150) at org.apache.metron.enrichm -- With Regards Farrukh Naveed Anjum

Re: Metron 0.4.0 on CentOS (Ambari Host Regisration Problem)

2017-12-19 Thread Farrukh Naveed Anjum
NodeJS and NPM needed for the metron-config is using tough-cookie which somewhat forced me updating node from 0.10 to 4.x which i did. Now, Its caught up in this problem. On Tue, Dec 19, 2017 at 10:00 PM, Farrukh Naveed Anjum < anjum.farr...@gmail.com> wrote: > I am doing bare meta

Re: Metron 0.4.0 on CentOS (Ambari Host Regisration Problem)

2017-12-19 Thread Farrukh Naveed Anjum
install exactly? Everything manual? Or with an > Ansible playbook? > > Is it possible you created a user which is not allowed to run mkdir etc? > > On 2017-12-19 08:55, Farrukh Naveed Anjum wrote: > > It is strange and odd. I installed NodeJS and NPM which resulted in > remov

Re: Metron 0.4.0 on CentOS (Ambari Host Regisration Problem)

2017-12-19 Thread Farrukh Naveed Anjum
i Farrukh, > > How come you don't have the commands 'mkdir', 'chown' & 'chmod' on node1? > > On 2017-12-19 02:42, Farrukh Naveed Anjum wrote: > > Hi, > I am trying to install the Metron 0.4.0 ( Cent OS 6) following error is > coming up > > >

Re: SysLog Parser in Metron

2017-10-25 Thread Farrukh Naveed Anjum
then > route each application in the syslog to a different kafka topic. That way > you have kafka topics for each type of data you care about eg sshd, login, > cups... whatever. From there it’s easiest to use a grok parser in metron to > pull out the fields. There are many prebuilt patterns

Re: Kibana Error

2017-10-25 Thread Farrukh Naveed Anjum
It's a bug reported in metron, Look into bare metal guide, Turn Red to green Cluster google it. On Oct 25, 2017 1:21 PM, "Syed Hammad Tahir" wrote: > Should I do it from here? If yes then please guide me how to > > [image: Inline image 1] > > On Wed, Oct 25, 2017 at 1:17

SysLog Parser in Metron

2017-10-24 Thread Farrukh Naveed Anjum
Hi, How can I get syslog in metron any help (pattern / parser). Kindly help ? -- With Regards Farrukh Naveed Anjum