I don know where this is going. I will restart the PC tomorrow to reload
everything from scratch. I repeat, I have done the single node vagrant
based installation on my ubuntu pc (core i7/32GB/1TB). I was supposed to
push snort logs (tcpdump format) to metron but then I was hit by this
issue. My domain is mid-level machine learning or datascience hence I might
not even know things which are required.
On Wed, Oct 25, 2017 at 10:40 PM, Michael Miklavcic <
michael.miklav...@gmail.com> wrote:
> Health should look something like this, if you grab it from the Head
> plugin.
>
> {
> "cluster_name": "metron",
> *"status": "yellow",*
> "timed_out": false,
> *"number_of_nodes": 1,*
> *"number_of_data_nodes": 1*,
> "active_primary_shards": 15,
> "active_shards": 15,
> "relocating_shards": 0,
> "initializing_shards": 0,
> "unassigned_shards": 15,
> "delayed_unassigned_shards": 0,
> "number_of_pending_tasks": 0,
> "number_of_in_flight_fetch": 0,
> "task_max_waiting_in_queue_millis": 0,
> "active_shards_percent_as_number": 50
> }
>
> On Wed, Oct 25, 2017 at 11:38 AM, Michael Miklavcic <
> michael.miklav...@gmail.com> wrote:
>
>> What do you see when you go here?
>> http://node1:9200/_cat/health?v
>>
>> You can also get the Elasticsearch Head Plugin for Chrome, which is very
>> useful and will be compatible with 5.x versions of Elasticsearch when
>> Metron upgrades (plugins from 2.x are no longer available in v5.6).
>> https://chrome.google.com/webstore/detail/elasticsear
>> ch-head/ffmkiejjmecolpfloofpjologoblkegm
>>
>> Just plugin the address http://node1:9200/ and hit connect. I believe
>> our default status is "yellow." But that should be sufficient.
>>
>> I also second Simon's comments about reading up on Elasticsearch.
>>
>> Best,
>> Mike Miklavcic
>>
>>
>> On Wed, Oct 25, 2017 at 11:13 AM, Syed Hammad Tahir <mscs16...@itu.edu.pk
>> > wrote:
>>
>>> I killed it via terminal and then restarted it. Still the same thing,
>>> cant load the page when I go to elasticsearch health shortlink in ambari.
>>>
>>> On Wed, Oct 25, 2017 at 5:16 PM, Simon Elliston Ball <
>>> si...@simonellistonball.com> wrote:
>>>
>>>> Ok, this is an elastic problem which prevents it shutting down. Find
>>>> the elastic processes, kill them, and start it up again.
>>>>
>>>>
>>>> On 25 Oct 2017, at 13:15, Syed Hammad Tahir <mscs16...@itu.edu.pk>
>>>> wrote:
>>>>
>>>> Just gave the command but its stuck here. I restart it earleir via
>>>> ambari after changing heapsize. Now doing it via console
>>>>
>>>> <image.png>
>>>>
>>>> On Wed, Oct 25, 2017 at 5:13 PM, Simon Elliston Ball <
>>>> si...@simonellistonball.com> wrote:
>>>>
>>>>> That just shows running, not health. The problem is that it is not
>>>>> responding. I assume you have tried restarting elastic.
>>>>>
>>>>> On 25 Oct 2017, at 13:12, Syed Hammad Tahir <mscs16...@itu.edu.pk>
>>>>> wrote:
>>>>>
>>>>> It shows healthy
>>>>> <image.png>
>>>>>
>>>>> But when I click in any quick link it shows this
>>>>>
>>>>> <image.png>
>>>>>
>>>>> On Wed, Oct 25, 2017 at 5:07 PM, Simon Elliston Ball <
>>>>> si...@simonellistonball.com> wrote:
>>>>>
>>>>>> Did you check the elastic service was running and healthy with the
>>>>>> health checks. Try a few of the quick links from the elastic section in
>>>>>> ambari.
>>>>>>
>>>>>> On 25 Oct 2017, at 13:05, Syed Hammad Tahir <mscs16...@itu.edu.pk>
>>>>>> wrote:
>>>>>>
>>>>>> I have increased size to 2048mb. Still seeing it
>>>>>>
>>>>>> <image.png>
>>>>>>
>>>>>> On Wed, Oct 25, 2017 at 3:45 PM, Simon Elliston Ball <
>>>>>> si...@simonellistonball.com> wrote:
>>>>>>
>>>>>>> I strongly suggest you spend some time learning about elastic search
>>>>>>> and some of the basic components. This is not a bug, it’s that elastic
>>>>>>> is
>>>>>>> down. The default heap (use the ambari search in the elastic section) is
>>>>>>> probably set too low. The default is 128m. Change this to more, probably
>>>>>>> more like 2048m.
>>>>>>>
>>>>>>> Essential background reading for metron is an understanding of
>>>>>>> elastic search, kafka, hadoop (hdfs in particular) and Linux. Our docs
>>>>>>> will
>>>>>>> assume you have at least some familiarity with those technologies.
>>>>>>>
>>>>>>> Simon
>>>>>>>
>>>>>>> On 25 Oct 2017, at 11:40, Syed Hammad Tahir <mscs16...@itu.edu.pk>
>>>>>>> wrote:
>>>>>>>
>>>>>>> Sorry, I didnt understand. Which baremetal guide should I look into?
>>>>>>> And I googled it and found no help. Please help me guys, there are
>>>>>>> bigger
>>>>>>> issues at hand and I cant afford to waste much time on this problem :(
>>>>>>>
>>>>>>> On Wed, Oct 25, 2017 at 1:31 PM, Farrukh Naveed Anjum <
>>>>>>> anjum.farr...@gmail.com> wrote:
>>>>>>>
>>>>>>>> Its a bug reported in metron,
>>>>>>>>
>>>>>>>> Look into barematel guide, Turn Red to green Cluster google it.
>>>>>>>>
>>>>>>>> On Oct 25, 2017 1:21 PM, "Syed Hammad Tahir" <mscs16...@itu.edu.pk>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> SHould I do it from here? If yes then please guide me how to
>>>>>>>>>
>>>>>>>>> <image.png>
>>>>>>>>>
>>>>>>>>> On Wed, Oct 25, 2017 at 1:17 PM, Simon Elliston Ball <
>>>>>>>>> si...@simonellistonball.com> wrote:
>>>>>>>>>
>>>>>>>>>> Your elastic search instance has died. Try given it more heap
>>>>>>>>>> size in the elastic section on ambari.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> > On 25 Oct 2017, at 09:16, Syed Hammad Tahir <
>>>>>>>>>> mscs16...@itu.edu.pk> wrote:
>>>>>>>>>> >
>>>>>>>>>> > When I try to open node1:5000 I see this.
>>>>>>>>>> >
>>>>>>>>>> > <image.png>
>>>>>>>>>> >
>>>>>>>>>> > What could be the problem and its solution?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>
