Did you set up and load the geo enrichment database? https://metron.apache.org/current-book/metron-platform/metron-data-management/index.html#GeoLite2_Loader
Also, we can’t really see the error from screenshots, please send log entries.

Simon

> On 17 Nov 2017, at 07:11, Syed Hammad Tahir <mscs16...@itu.edu.pk> wrote:
>
> Hi all, I am starting it again. Last one got a bit messy
>
> Ok, Now I have started everything again from scratch (redeployed single node based ambari metron cluster with ansibleSkipTags = 'quick-dev') and now when I execute this command:
>
> shuf -n 10 snort.out | sed -e "s/[^,]\+ ,/`date +'%m\/%d\/%y-%H:%M:%S'`.000000 ,/g" | /usr/hdp/current/kafka-broker/bin/kafka-console-producer.sh --broker-list node1:6667 --topic snort
>
> (format of this command was taken from: https://github.com/apache/metron/blob/master/metron-deployment/roles/sensor-stubs/templates/start-snort-stub)
>
> I get this under enrichment storm topology :
>
> <image.png>
>
> <image.png>
>
> I have come this far, please help me push these dummy preformatted snort logs into kibana dashboard.
>
> Regards.