I'm using metron 0.3.0 and i run on my cluster machines.
this is the command that i run :
/usr/metron/0.3.0/bin/pcap_query.sh query -st "20160617" -df "yyyyMMdd"
-bop "/apps/metron/out" --query "ip_src_addr == '10.1.80.220' and
ip_src_port == '6667' and ip_dst_addr == '10.1.80.221' and ip_dst_port
== '42885' and protocol == '6'"
i also have try to using pcap_query.sh with fixed option but i still got
the message Could not initialize class java.net.NetworkInterface
Best Regards,
On 07/06/17 20:19, Nick Allen wrote:
You need to provide more information about your environment. What
version of Metron? How are you running Metron (metal, VM, cloud)?
What command did you run?
On Wed, Jun 7, 2017 at 3:27 AM, tkg_cangkul <[email protected]
<mailto:[email protected]>> wrote:
hi Nick,
thx for your reply.
Ok, so i can use Zeppelin for this pcap dashboard.
is there any way to connected the kibana to Zeppelin? i mean is
there any way to select the pcap data to the kibana ui if i embed
it in zeppelin?
By the way, i've tried to use pcap_query tool. but i've found some
error message below :
any suggestion for that?
Best Regards,
On 29/05/17 20:49, Nick Allen wrote:
Right now it is stored in HDFS and then retrieved with the
pcap_query tool. The pcap_query tool can also be embedded in a
Zeppelin Notebook. Of course with this data is in HDFS, you can
integrate with it using your tool of choice.
If you have use cases in mind, please feel free to share.
On Fri, May 26, 2017 at 6:47 AM, tkg_cangkul
<[email protected] <mailto:[email protected]>> wrote:
hi,
i'm trying to using PCAP on metron. i'm using pycapa now and
i've success to store it into kafka and hdfs.
So, what's the main function of PCAP on metron? can i show it
to the dashboard? or it's just stored in hdfs only and read
it by CLI.?
Need Your Advice,
Best Regards,
Tkg_Cangkul
