Do you get 10 records output to the CLI when you run the following?

/usr/hdp/current/kafka-broker/bin/kafka-console-consumer.sh --zookeeper $ZOOKEEPER --topic indexing --from-beginning --max-messages 10

On Fri, Apr 5, 2019 at 11:38 AM Hema malini <[email protected]> wrote:

> We verified it in Storm UI and in Storm topology logs
>
> On Fri, Apr 5, 2019, 10:53 PM Michael Miklavcic <[email protected]> wrote:
>
>> How did you validate the logs are making it to the indexing topology?
>>
>> On Fri, Apr 5, 2019 at 8:12 AM Hema malini <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> We have installed Metron 0.7.1 in CentOS 7 using Ambari. Using Nifi we
>>> sent the sample snort logs copied from the metron git repo to the snort
>>> kafka topic. We did the same for the bro topic. Logs are getting parsed
>>> and reached the indexing topology. Elasticsearch indices are not getting
>>> created though we gave elasticsearch template install from ambari. So we
>>> manually created the elasticsearch index using the template available in
>>> the metron repo. Though the elasticsearch index is present, data from the
>>> indexing topology reached neither elasticsearch nor the hdfs path. There
>>> are no errors in the storm topology logs. We could see the sample log in
>>> the Metron management ui. How can we send the logs to the alerts ui and
>>> kibana dashboard? In the kibana dashboard we could see two dashboards -
>>> Metron-Dashboard, Metron-Error-Dashboard - created but with no data.
>>> Elasticsearch health is yellow and we are able to insert data via rest
>>> call. Any documentation on sending the sample snort logs to the metron
>>> alerts ui will be helpful. Is any configuration from the metron
>>> management ui required to pass it to the alerts ui?
>>>
>>> Thanks and Regards
>>>
>>> Hema
