Re: metron dashboard timeout when loads many data

so i must restart the datanodes one by one. and set only one master node right? Ok i got it. thank you so much James for your explanation. i will try it soon. On Thu, 12 Oct 2017 at 21.55 James Sirota wrote: > You have to restart the ES cluster in a rolling fashion. Meaning

Re: Snort

You mean that I must start snort from terminal by doing snort -v and then push it to kafka topic? I need to start snort in packet capture mode. On Tue, Oct 10, 2017 at 9:52 PM, James Sirota wrote: > Yes, you can use Snort. Metron can consume Snort telemetries out of the >