What do you see when you go here?
http://node1:9200/_cat/health?v
You can also get the Elasticsearch Head Plugin for Chrome, which is very
useful and will be compatible with 5.x versions of Elasticsearch when
Metron upgrades (plugins from 2.x are no longer available in v5.6).
One thing off the top of my head. You might have to make sure elasticsearch
is configured as master & datanode.
On 2017-10-25 10:13, Syed Hammad Tahir wrote:
> I killed it via terminal and then restarted it. Still the same thing, can't
> load the page when I go to elasticsearch health shortlink in
I killed it via terminal and then restarted it. Still the same thing, can't
load the page when I go to elasticsearch health shortlink in ambari.
On Wed, Oct 25, 2017 at 5:16 PM, Simon Elliston Ball <
si...@simonellistonball.com> wrote:
> Ok, this is an elastic problem which prevents it shutting
Thanks, it was helpful
On Wed, Oct 25, 2017 at 7:29 PM, Ahmed Shah
wrote:
> Hello Farrukh,
>
>
> Our team was able to report simple Dionaea alerts to Metron using syslog
> v8 (not encrypted).
>
>
>
> The source code for our project is here:
>
>
Ok, this is an elastic problem which prevents it shutting down. Find the
elastic processes, kill them, and start it up again.
> On 25 Oct 2017, at 13:15, Syed Hammad Tahir wrote:
>
> Just gave the command but it's stuck here. I restarted it earlier via ambari
> after
Just gave the command but it's stuck here. I restarted it earlier via ambari
after changing heapsize. Now doing it via console
[image: Inline image 1]
On Wed, Oct 25, 2017 at 5:13 PM, Simon Elliston Ball <
si...@simonellistonball.com> wrote:
> That just shows running, not health. The problem is
That just shows running, not health. The problem is that it is not responding.
I assume you have tried restarting elastic.
> On 25 Oct 2017, at 13:12, Syed Hammad Tahir wrote:
>
> It shows healthy
>
>
> But when I click in any quick link it shows this
>
>
>
> On
Did you check the elastic service was running and healthy with the health
checks? Try a few of the quick links from the elastic section in ambari.
> On 25 Oct 2017, at 13:05, Syed Hammad Tahir wrote:
>
> I have increased size to 2048mb. Still seeing it
>
>
>
> On Wed,
I have increased size to 2048mb. Still seeing it
[image: Inline image 1]
On Wed, Oct 25, 2017 at 3:45 PM, Simon Elliston Ball <
si...@simonellistonball.com> wrote:
> I strongly suggest you spend some time learning about elastic search and
> some of the basic components. This is not a bug, it’s
I strongly suggest you spend some time learning about elastic search and some
of the basic components. This is not a bug, it’s that elastic is down. The
default heap (use the ambari search in the elastic section) is probably set too
low. The default is 128m. Change this to more, probably more
Sorry, I didn't understand. Which baremetal guide should I look into? And I
googled it and found no help. Please help me guys, there are bigger issues
at hand and I can't afford to waste much time on this problem :(
On Wed, Oct 25, 2017 at 1:31 PM, Farrukh Naveed Anjum <
anjum.farr...@gmail.com>
It's a bug reported in Metron,
Look into baremetal guide, Turn Red to green Cluster google it.
On Oct 25, 2017 1:21 PM, "Syed Hammad Tahir" wrote:
> Should I do it from here? If yes then please guide me how to
>
> [image: Inline image 1]
>
> On Wed, Oct 25, 2017 at 1:17
Short answer: grok parsers.
Longer answer: syslog is more a transport, not just a log format, so it
encapsulates a wide variety of data sources. Your best bet is probably to use
NiFi to listen for syslog from a remote host (ListenSyslog) and then route each
application in the syslog to a