Github user mmiklavc commented on the issue:
https://github.com/apache/metron/pull/840
Ok, the Metron error dashboard is in now. I'll add some additional testing
instructions tomorrow, but this PR should be ready for some more vigorous
testing. The most easily accessible e2e place to start is with the Kibana
dashboards. Checking Kibana minimally proves that data is flowing through the
system with the new versions of Elasticsearch and Kibana. The default main
dashboard should come up immediately with Bro and Snort data only.
I recommend first stopping some services:
```
service monit stop
storm kill profiler
```
Yaf is not enabled by default, but you can start the Yaf topology and turn
on all sensor stubs by doing the following:
```
# start yaf parser topology
export METRON_HOST=node1
export ZOOKEEPER=${METRON_HOST}:2181
export BROKERLIST=${METRON_HOST}:6667
export METRON_VERSION=0.4.2
export METRON_HOME=/usr/metron/${METRON_VERSION}
$METRON_HOME/bin/start_parser_topology.sh -k $BROKERLIST -z $ZOOKEEPER -s
yaf
# start the yaf sensor stub
service sensor-stubs start yaf
```
Now publish some intentionally bad data to each of the topics so we can
check the error dashboard.
```
# publish error data on a cycle
cycleval=1;
while true;
do
if [ $cycleval -ne 0 ];
then
datestamp=$(date "+%s");
cycleval=0;
else
cycleval=1;
fi;
echo "bro-garbage-" $datestamp |
/usr/hdp/current/kafka-broker/bin/kafka-console-producer.sh --broker-list
$BROKERLIST --topic bro;
echo "snort-garbage-" $datestamp |
/usr/hdp/current/kafka-broker/bin/kafka-console-producer.sh --broker-list
$BROKERLIST --topic snort;
echo "yaf-garbage-" $datestamp |
/usr/hdp/current/kafka-broker/bin/kafka-console-producer.sh --broker-list
$BROKERLIST --topic yaf;
sleep 2;
done;
```
---
