This is an automated email from the ASF dual-hosted git repository. rmerriman pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/metron.git
The following commit(s) were added to refs/heads/master by this push: new 8d7ce16 METRON-2064 Metron REST API overwriting global.json values (merrimanr) closes apache/metron#1376 8d7ce16 is described below commit 8d7ce165050619abf3d8be600ba4c8655b6ad0ed Author: merrimanr <merrim...@gmail.com> AuthorDate: Fri Apr 12 09:47:24 2019 -0500 METRON-2064 Metron REST API overwriting global.json values (merrimanr) closes apache/metron#1376 --- metron-platform/metron-common/README.md | 59 +++++++++++++++++++-------------- metron-platform/metron-solr/README.md | 4 +-- 2 files changed, 37 insertions(+), 26 deletions(-) diff --git a/metron-platform/metron-common/README.md b/metron-platform/metron-common/README.md index cbea9dd..40f1289 100644 --- a/metron-platform/metron-common/README.md +++ b/metron-platform/metron-common/README.md @@ -80,30 +80,41 @@ This configuration is stored in zookeeper, but looks something like Various parts of our stack uses the global config are documented throughout the Metron documentation, but a convenient index is provided here: -| Property Name | Subsystem | Type | Ambari Property | -|---------------------------------------------------------------------------------------------------------------------|---------------|------------|----------------------------| -| [`es.clustername`](../metron-elasticsearch#esclustername) | Indexing | String | `es_cluster_name` | -| [`es.ip`](../metron-elasticsearch#esip) | Indexing | String | `es_hosts` | -| [`es.port`](../metron-elasticsearch#esport) | Indexing | String | `es_port` | -| [`es.date.format`](../metron-elasticsearch#esdateformat) | Indexing | String | `es_date_format` | -| [`es.client.settings`](../metron-elasticsearch#esclientsettings) | Indexing | Object | N/A | -| [`fieldValidations`](#validation-framework) | Parsing | Object | N/A | -| [`parser.error.topic`](../metron-parsers#parsererrortopic) | Parsing | String | N/A | -| [`stellar.function.paths`](../../metron-stellar/stellar-common#stellarfunctionpaths) | Stellar | CSV String | N/A | -| [`stellar.function.resolver.includes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes) | Stellar | CSV String | N/A | -| [`stellar.function.resolver.excludes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes) | Stellar | CSV String | N/A | -| [`profiler.period.duration`](../../metron-analytics/metron-profiler#profilerperiodduration) | Profiler | Integer | `profiler_period_duration` | -| [`profiler.period.duration.units`](../../metron-analytics/metron-profiler#profilerperioddurationunits) | Profiler | String | `profiler_period_units` | -| [`profiler.writer.batchSize`](../../metron-analytics/metron-profiler/#profilerwriterbatchsize) | Profiler | Integer | N/A | -| [`profiler.writer.batchTimeout`](../../metron-analytics/metron-profiler/#profilerwriterbatchtimeout) | Profiler | Integer | N/A | -| [`update.hbase.table`](../metron-indexing#updatehbasetable) | REST/Indexing | String | `update_hbase_table` | -| [`update.hbase.cf`](../metron-indexing#updatehbasecf) | REST/Indexing | String | `update_hbase_cf` | -| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile) | Enrichment | String | `geo_hdfs_file` | -| [`enrichment.writer.batchSize`](../metron-enrichment#enrichmentwriterbatchsize) | Enrichment | Integer | N/A | -| [`enrichment.writer.batchTimeout`](../metron-enrichment#enrichmentwriterbatchtimeout) | Enrichment | Integer | N/A | -| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile) | Enrichment | String | `geo_hdfs_file` | -| [`source.type.field`](../../metron-interface/metron-alerts#sourcetypefield) | UI | String | `source_type_field` | -| [`threat.triage.score.field`](../../metron-interface/metron-alerts#threattriagescorefield) | UI | String | `threat_triage_score_field` | +| Property Name | Subsystem | Type | Ambari Property | +|---------------------------------------------------------------------------------------------------------------------|---------------|------------|----------------------------------------| +| [`es.clustername`](../metron-elasticsearch#esclustername) | Indexing | String | `es_cluster_name` | +| [`es.ip`](../metron-elasticsearch#esip) | Indexing | String | `es_hosts` & `es_port` | +| [`es.port`](../metron-elasticsearch#esport) | Indexing | String | N/A | +| [`es.date.format`](../metron-elasticsearch#esdateformat) | Indexing | String | `es_date_format` | +| [`es.client.settings`](../metron-elasticsearch#esclientsettings) | Indexing | Object | N/A | +| [`solr.zookeeper`](../metron-solr#configuration) | Indexing | String | `solr_zookeeper_url` | +| [`solr.commitPerBatch`](../metron-solr#configuration) | Indexing | String | N/A | +| [`solr.commit.soft`](../metron-solr#configuration) | Indexing | String | N/A | +| [`solr.commit.waitSearcher`](../metron-solr#configuration) | Indexing | String | N/A | +| [`solr.commit.waitFlush`](../metron-solr#configuration) | Indexing | String | N/A | +| [`solr.collection`](../metron-solr#configuration) | Indexing | String | N/A | +| [`solr.http.config`](../metron-solr#configuration) | Indexing | String | N/A | +| [`fieldValidations`](#validation-framework) | Parsing | Object | N/A | +| [`parser.error.topic`](../metron-parsers#parsererrortopic) | Parsing | String | `parser_error_topic` | +| [`stellar.function.paths`](../../metron-stellar/stellar-common#stellarfunctionpaths) | Stellar | CSV String | N/A | +| [`stellar.function.resolver.includes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes) | Stellar | CSV String | N/A | +| [`stellar.function.resolver.excludes`](../../metron-stellar/stellar-common#stellarfunctionresolverincludesexcludes) | Stellar | CSV String | N/A | +| [`profiler.period.duration`](../../metron-analytics/metron-profiler-storm#profilerperiodduration) | Profiler | Integer | `profiler_period_duration` | +| [`profiler.period.duration.units`](../../metron-analytics/metron-profiler-storm#profilerperioddurationunits) | Profiler | String | `profiler_period_units` | +| [`profiler.client.period.duration`](../../metron-analytics/metron-profiler-storm#profilerperiodduration) | Profiler | Integer | `profiler_period_duration` | +| [`profiler.client.period.duration.units`](../../metron-analytics/metron-profiler-storm#profilerperioddurationunits) | Profiler | String | `profiler_period_units` | +| [`profiler.writer.batchSize`](../../metron-analytics/metron-profiler-storm/#profilerwriterbatchsize) | Profiler | Integer | `profiler_kafka_writer_batch_size` | +| [`profiler.writer.batchTimeout`](../../metron-analytics/metron-profiler-storm/#profilerwriterbatchtimeout) | Profiler | Integer | `profiler_kafka_writer_batch_timeout` | +| [`update.hbase.table`](../metron-indexing#updatehbasetable) | REST/Indexing | String | `update_hbase_table` | +| [`update.hbase.cf`](../metron-indexing#updatehbasecf) | REST/Indexing | String | `update_hbase_cf` | +| [`user.settings.hbase.table`](../metron-interface/metron-rest) | REST/Indexing | String | `user_settings_hbase_table` | +| [`user.settings.hbase.cf`](../metron-interface/metron-rest) | REST/Indexing | String | `user_settings_hbase_cf` | +| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile) | Enrichment | String | `geo_hdfs_file` | +| [`enrichment.writer.batchSize`](../metron-enrichment#enrichmentwriterbatchsize) | Enrichment | Integer | `enrichment_kafka_writer_batch_size` | +| [`enrichment.writer.batchTimeout`](../metron-enrichment#enrichmentwriterbatchtimeout) | Enrichment | Integer | `enrichment_kafka_writer_batch_timeout`| +| [`geo.hdfs.file`](../metron-enrichment#geohdfsfile) | Enrichment | String | `geo_hdfs_file` | +| [`source.type.field`](../../metron-interface/metron-alerts#sourcetypefield) | UI | String | `source_type_field` | +| [`threat.triage.score.field`](../../metron-interface/metron-alerts#threattriagescorefield) | UI | String | `threat_triage_score_field` | ## Note Configs in Ambari If a field is managed via ambari, you should change the field via diff --git a/metron-platform/metron-solr/README.md b/metron-platform/metron-solr/README.md index ca90c73..cba4dd5 100644 --- a/metron-platform/metron-solr/README.md +++ b/metron-platform/metron-solr/README.md @@ -103,8 +103,8 @@ Elasticsearch is the real-time store used by default in Metron. Solr can be ena 1. Stop the Metron Indexing component in Ambari. 1. Update Ambari UI -> Services -> Metron -> Configs -> Index Settings -> Solr Zookeeper Urls to match the Solr installation described in the previous section. 1. Change Ambari UI -> Services -> Metron -> Configs -> Indexing -> Index Writer - Random Access -> Random Access Search Engine to `Solr`. -1. Set the `source.type.field` property to `source.type` in the [Global Configuration](../metron-common#global-configuration). -1. Set the `threat.triage.score.field` property to `threat.triage.score` in the [Global Configuration](../metron-common#global-configuration). +1. Change Ambari UI -> Services -> Metron -> Configs -> REST -> Source Type Field Name to `source.type`. +1. Change Ambari UI -> Services -> Metron -> Configs -> REST -> Threat Triage Score Field Name to `threat.triage.score`. 1. Start the Metron Indexing component in Ambari. 1. Restart Metron REST and the Alerts UI in Ambari.