Re: Metron's Future / Alternatives

Okay, so is it starting as a new architecture? On 2021/02/03 01:28:21, Simon Elliston Ball wrote: > We’re also replacing much of the functionality of Metron with a series of > Apache Flink based streaming components in a number of installations. It > makes for a composable approach, and

maas on apache hcp1.9.1

when i deploy by referring the tutorial $METRON_HOME/bin/maas_deploy.sh -zq $ZOOKEEPER -lmp /home/mock_dga -hmp /user/metron/models -mo ADD -m 512 -n dga -v 1.0 -ni 1 shows following output 20/03/18 04:32:44 INFO zookeeper.ClientCnxn: Opening socket connection to server HOSTNAME/IP_ADRESS.

Re: linux-syslog(centos 7) parsing in apache metron error

sion of > a syslog parser. > > 2nd. You only talk about using grok after that. > > I have tried your sample string with the above parser and it works. > > On February 27, 2020 at 09:19:08, updates on tube (abrahamfik...@gmail.com) > wrote: > > but i can't get the parser?

Re: linux-syslog(centos 7) parsing in apache metron error

but i can't get the parser? On 2020/02/27 12:13:35, Otto Fowler wrote: > Parsing this messages works with the Syslog3164Parser. Maybe you could > use that. > > On February 27, 2020 at 02:03:50, updates on tube (abrahamfik...@gmail.com) > wrote: > > > #

Re: linux-syslog(centos 7) parsing in apache metron error

t(ParserATNSimulator.java:424) at com.github.palindromicity.syslog.dsl.generated.Rfc5424Parser.header(Rfc5424Parser.java:373) ... 18 more On 2020/02/24 19:31:36, Michael Miklavcic wrote: > That's how we route errors. Looks like the syslog parser had trouble with >

Re: linux-syslog(centos 7) parsing in apache metron error

On 2020/02/24 19:31:36, Michael Miklavcic wrote: > That's how we route errors. Looks like the syslog parser had trouble with > one of your syslog messages > > On Mon, Feb 24, 2020, 5:41 AM updates on tube > wrote: > > > i get such error on kibana das

linux-syslog(centos 7) parsing in apache metron error

i get such error on kibana dashboard no error in storm com.github.palindromicity.syslog.dsl.ParseException: Syntax error @ 1:0 no viable alternative at input 'F' at com.github.palindromicity.syslog.dsl.DefaultErrorListener.syntaxError(DefaultErrorListener.java:33) at

asa elasticsearch template

can any one tell me how to get elasticsearch tempate for asa i cant find it.

apache metron alert ui not loading from kibana

after I see the log on elastic search(kibana dashboard) ingesting asa log from apache metron sample data available in Github, I can't see it on metron alert ui.. and the error i see on elastic search is as follow org.elasticsearch.transport.RemoteTransportException:

Re: streaming rsyslog metron using asa parser

the problem. parsing is going well.. > > On December 25, 2019 at 10:47:54, updates on tube (abrahamfik...@gmail.com) > wrote: > > On 2019/12/23 11:25:45, Otto Fowler wrote: > > That doesn’t look like ASA data. > > > https://github.com/apache/metron/blob/master/metron-pl

see this error when i try to create template for asa index for elasticsearch (apache metron)

org.elasticsearch.transport.RemoteTransportException: [worker4.sip.com]['ip_add':9300][indices:data/read/search[phase/query]] Caused by: java.lang.IllegalArgumentException: Fielddata is disabled on text fields by default. Set fielddata=true on [source:type] in order to load fielddata in memory

Re: streaming rsyslog metron using asa parser

December 23, 2019 at 01:57:38, updates on tube (abrahamfik...@gmail.com) > wrote: > > i was trying to stream rsyslog log data to apache metron using asa parser. > the log look like down below > > 2019-12-20T07:06:41-05:00 ab TESTING: Fri 20 Dec 2019 07:06:41 AM EST > the l

streaming rsyslog metron using asa parser

i was trying to stream rsyslog log data to apache metron using asa parser. the log look like down below 2019-12-20T07:06:41-05:00 ab TESTING: Fri 20 Dec 2019 07:06:41 AM EST the log 2019-12-20T07:06:41-05:00 ab rsyslogd: action 'action-13-builtin:omfwd' resumed (module 'builtin:omfwd')

Re: ingesting syslog and asa log into metron

On 2019/12/23 06:37:19, updates on tube wrote: > > > On 2019/11/25 14:14:38, Simon Elliston Ball > wrote: > > Use the nifi listen syslog processor to push Asa logs into a Kafka topic, > > then the metron asa parser to get that into your metron flow. > > >

Re: ingesting syslog and asa log into metron

On 2019/11/25 14:14:38, Simon Elliston Ball wrote: > Use the nifi listen syslog processor to push Asa logs into a Kafka topic, > then the metron asa parser to get that into your metron flow. > > Simon > > On Mon, 25 Nov 2019 at 14:12, updates on tube > wrote: &g

ingesting syslog and asa log into metron

hey guys first I really appreciate your urgent replies on my previous posts >> and for now, I went to ask how can I ingest Syslog and asa log into apache metron using nifi?

Re: how to install apache metron?

tall > > HCP 1.9.1. > > > > ElasticSearch and Kibana version that used in HCP 1.9.1 is 5.6.16. > > > > Please check here https://supportmatrix.hortonworks.com/ if you still > > confuse about compatibility issues. > > > > On Tue, Nov 5, 2019 at 3:15 PM up

how to install apache metron?

we have 8 servers to install apache metron using ambari, in order to tune the performance. can you help me with its compatibility, in -ambari version ?

Re: apache storm error

elastic-jvm-options”, the > “heap_size” setting. In our environment it is set to 2048m. > > > > > > > > From: updates on tube > Reply-To: "user@metron.apache.org" > Date: Friday, November 1, 2019 at 8:42 AM > To: "user

Re: apache storm error

we were trying to add new data telemetry source using https://cwiki.apache.org/confluence/display/METRON/Adding+a+New+Telemetry+Data+Source post but i see this error on storm ui parserbolt i installed using ambari and hcp On 2019/11/01 15:41:35, updates on tube wrote: > worker1.sip.com 6

apache storm error

worker1.sip.com 6700 java.util.concurrent.ExecutionException: org.apache.kafka.common.errors.TimeoutException: Failed to update metadata after 6 ms. at