You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@metron.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2017/11/22 21:17:00 UTC
[jira] [Commented] (METRON-1329) Simplify metron-bro-plugin-kafka
package loading
[ https://issues.apache.org/jira/browse/METRON-1329?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16263361#comment-16263361 ]
ASF GitHub Bot commented on METRON-1329:
----------------------------------------
GitHub user JonZeolla opened a pull request:
https://github.com/apache/metron-bro-plugin-kafka/pull/4
METRON-1329: Simplify metron-bro-plugin-kafka package loading
This is a very simple change that normalizes the process of loading this package in an existing bro system.
# Testing
1. Spin up a centos 7 VM.
```
vagrant init bento/centos-7.3
vagrant up
vagrant ssh
sudo su -
```
1. [Install bro 2.5.2](https://www.bro.org/sphinx/install/install.html) and [bro-pkg](http://bro-package-manager.readthedocs.io/en/stable/quickstart.html#installation). Make sure you are running at least bro 2.5 and bro-pkg 1.2.0, and configure bro-pkg properly.
```
# export PATH=$PATH:/usr/local/bro/bin
# bro --version
bro version 2.5.2
# bro-pkg --version
bro-pkg 1.2.2
# bro-pkg autoconfig
```
1. Install the bro package, and load it
```
bro-pkg install https://github.com/jonzeolla/metron-bro-plugin-kafka --version METRON-1329
bro-pkg load metron-bro-plugin-kafka
echo "@load packages" >> /usr/local/bro/share/bro/site/local.bro
```
1. Ensure bro loads things properly.
```
broctl deploy
```
If this was successful, the last step should look like this:
```
[root@node1 site]# broctl deploy
checking configurations ...
installing ...
removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/site ...
removing old policies in /usr/local/bro/spool/installed-scripts-do-not-touch/auto ...
creating policy directories ...
installing site policies ...
generating standalone-layout.bro ...
generating local-networks.bro ...
generating broctl-config.bro ...
generating broctl-config.sh ...
stopping ...
bro not running
starting ...
starting bro ...
```
Otherwise, it will return an error.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/JonZeolla/metron-bro-plugin-kafka METRON-1329
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/metron-bro-plugin-kafka/pull/4.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #4
----
commit b2c3337983d5d207c1e592871eca68077781f150
Author: Jon Zeolla <ze...@gmail.com>
Date: 2017-11-22T21:05:18Z
METRON-1329
----
> Simplify metron-bro-plugin-kafka package loading
> ------------------------------------------------
>
> Key: METRON-1329
> URL: https://issues.apache.org/jira/browse/METRON-1329
> Project: Metron
> Issue Type: Improvement
> Reporter: Jon Zeolla
> Assignee: Jon Zeolla
> Priority: Trivial
>
> You should be able to load metron-bro-plugin-kafka by adding @load packages to local.bro, and running bro-pkg install apache/metron-bro-plugin-kafka and bro-pkg load apache/metron-bro-plugin-kafka. Right now, when you do that you will get the following error:
> error in /usr/local/bro/share/bro/site/local.bro, line 106: "redef" used but not previously defined (Kafka::logs_to_send)
> Because loads_to_send is exported in Bro/Kafka/logs-to-kafka.bro. Instead of forcing manual intervention after bro-pkg install and load, we should make that all work natively.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)