Ansible 2.0.0.2 is no longer supported.  I recently spun up master with the
latest version of Ansible.  Note that if you use a Mac, you must use pip to
install the latest Ansible; the Brew version will not work currently.

You may want to look at https://github.com/apache/metron/pull/1261, it's
meant specifically to simplify the spin up of our testing environment.

Metron by itself would not directly compare to Moloch. Although there is a
lot of overlap, Metron has many features that Moloch does not, and vice
versa.  While Metron does support full packet capture, there's nothing
inherent in Metron itself that does metadata extraction.  That said, you
can follow the instructions in the link below to spin up Bro, which
does exactly that.

https://github.com/apache/metron/blob/master/metron-deployment/development/centos6/README.md#sensors

Jon

On Fri, Nov 30, 2018, 8:51 AM Babak Abbaschian <[email protected]>
wrote:

> I have been trying to see this system running for the first time for two
> weeks; any help getting me to a working product is appreciated.
> The plan was to compare this with Moloch and ES-PacketBeats-LogStash,
> which I was able to install and which are running like a charm on our
> systems now.
>
> On Friday, November 30, 2018, 8:43 AM, Simon Elliston Ball <
> [email protected]> wrote:
>
> Are you looking to install a dev build? If not and you just want to use
> the system, you may be better off with a pre-built distribution.
>
> Simon
>
> On 30 Nov 2018, at 12:48, Babak Abbaschian <[email protected]>
> wrote:
>
> I have been trying to install Metron 0.6.1 for two weeks, but I end up with
> an error with mpm failing to install some dependencies.
> On the other hand, everything in Metron’s documentation is too old:
> CentOS 6, Ubuntu 14, Ansible 2.0.0.2, etc. And at the same time we need
> NodeJs 9 (accompanied with NPM 5) with NPM 6 (accompanies NodeJs 10).
> So I thought, instead of this amount of patchwork, I would try the one with
> all same-age components, but it failed as well. :(
>
> On Thursday, November 29, 2018, 10:09 PM, Laurens Vets <[email protected]>
> wrote:
>
> I would suggest trying a newer version (0.6.0); 0.3.1 is very old.
> On 2018-11-29 6:20 p.m., Babak Abbaschian wrote:
>
> Followed this link:
> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=68718548
> With the following info:
>
> ************************************************************************************************************
> Metron 0.3.1
> --
> * (detached from origin/Metron_0.3.1)
> --
> commit 7abd7e8a231c6cbe9ee4ab23a5df1e97344f5212
> Author: justinleet <[email protected]> <[email protected]>
> Date:   Thu Feb 23 10:40:14 2017 -0500
>
>     METRON-734 Builds failing because of MaxMind DB transitive dependency
> (justi
> --
> --
> ansible 2.0.0.2
>   config file = /etc/ansible/ansible.cfg
>   configured module search path = Default w/o overrides
> --
> Vagrant 2.2.0
> --
> Python 2.7.12
> --
> Apache Maven 3.3.9 (bb52d8502b132ec0a5a3f4c09453c07478323dc5;
> 2015-11-10T11:41:47-05:00)
> Maven home: /usr/local/apache-maven/apache-maven-3.3.9
> Java version: 1.8.0_191, vendor: Oracle Corporation
> Java home: /usr/lib/jvm/java-8-oracle/jre
> Default locale: en_US, platform encoding: UTF-8
> OS name: "linux", version: "4.4.0-139-generic", arch: "amd64", family:
> "unix"
> --
> Linux upctv 4.4.0-139-generic #165~14.04.1-Ubuntu SMP Wed Oct 31 10:55:11
> UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
> --
> Total System Memory = 15968.6 MB
> Processor Model: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz
> Processor Speed: 3899.902 MHz
> Total Physical Processors: 4
> Total cores: 16
> Disk information:
> /dev/sda3       269G   33G  223G  13% /
> /dev/sda1       659G  453G  206G  69% /media/ubuntu/DropBox
>
> ******************************************************************************
>
> And got this error:
>
> TASK [kibana : Install the Metron Dashboard]
> ***********************************
> fatal: [node1]: FAILED! => {"changed": true, "cmd": "elasticdump --output=
> http://node1:9200/.kibana --input=/tmp/kibana-index.json", "delta":
> "0:00:00.069235", "end": "2018-11-30 01:39:46.092021", "failed": true,
> "rc": 1, "start": "2018-11-30 01:39:46.022786", "stderr":
> "/usr/lib/node_modules/elasticdump/elasticdump.js:3\nconst {EventEmitter} =
> require('events')\n      ^\n\nSyntaxError: Unexpected token {\n    at
> exports.runInThisContext (vm.js:53:16)\n    at Module._compile
> (module.js:373:25)\n    at Object.Module._extensions..js
> (module.js:416:10)\n    at Module.load (module.js:343:32)\n    at
> Function.Module._load (module.js:300:12)\n    at Module.require
> (module.js:353:17)\n    at require (internal/module.js:12:17)\n    at
> Object.<anonymous>
> (/usr/lib/node_modules/elasticdump/bin/elasticdump:6:19)\n    at
> Module._compile (module.js:409:26)\n    at Object.Module._extensions..js
> (module.js:416:10)", "stdout": "", "stdout_lines": [], "warnings": []}
>
> --

Jon Zeolla
