Where can I find the start_snort_producer.sh script? I didn't see it
inside my metron_home dir.
On 22/03/17 23:54, Otto Fowler wrote:
One time, I saw an issue where the flume agent did not have the correct rights
to access the csv, so died a horrible death.
We don’t use flume any longer however. I would want to take a look at the log files
for what is reading the snort csv.
I believe the start_snort_producer.sh script is used now. I am not sure about the logs,
but maybe you can try to run that manually and see the output?
On March 22, 2017 at 11:38:53, tkg_cangkul (yuza.ras...@gmail.com) wrote:
Can anyone help me to solve this?
On 22/03/17 15:24, tkg_cangkul wrote:
Hi, I've tried using snort as a sensor on metron in my ambari cluster.
Now I have a problem: the snort topology doesn't emit the data
automatically.
I must send the messages to kafka manually to emit the data.
cat /var/log/snort/alert.csv | bin/kafka-console-producer.sh --broker-list localhost:6667 --topic snort
Any suggestions about this?