You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@metron.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/04/27 18:36:00 UTC
[jira] [Commented] (METRON-1543) Unable to Set Parser Output Topic
in Sensor Config
[ https://issues.apache.org/jira/browse/METRON-1543?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16456881#comment-16456881 ]
ASF GitHub Bot commented on METRON-1543:
----------------------------------------
GitHub user nickwallen opened a pull request:
https://github.com/apache/metron/pull/1007
METRON-1543 Unable to Set Parser Output Topic in Sensor Config
The only way to alter the output topic for a Parser topology is to manually launch the topology using the CLI with the `-ot` parameter. The user needs to be able to define this as part of the sensor's parser configuration so that the value is stored in Zookeeper and can be altered in the Management UI and launched from Ambari.
## Manual Testing
1. Launch the development environment.
```
cd metron-deployment/develoment/centos6
vagrant up
```
1. Validate the development environment.
* Ensure the 'Service Check' is successful.
* Ensure alerts are visible in the 'Alerts UI'.
1. Stop all topologies.
1. Launch the REPL.
```
vagrant ssh
sudo su -
source /etc/default/metron
cd $METRON_HOME
bin/stellar -z $ZOOKEEPER
```
1. Change the output topic for the 'bro' sensor.
```
[Stellar]>>> conf := CONFIG_GET("PARSER","bro")
{
"parserClassName":"org.apache.metron.parsers.bro.BasicBroParser",
"sensorTopic":"bro",
"parserConfig": {}
}
[Stellar]>>> conf := SHELL_EDIT(conf)
{
"parserClassName":"org.apache.metron.parsers.bro.BasicBroParser",
"sensorTopic":"bro",
"parserConfig": {},
"outputTopic": "new-topic"
}
[Stellar]>>> CONFIG_PUT("PARSER", conf, "bro")
[Stellar]>>> CONFIG_GET("PARSER", "bro")
{
"parserClassName":"org.apache.metron.parsers.bro.BasicBroParser",
"sensorTopic":"bro",
"parserConfig": {},
"outputTopic": "new-topic"
}
```
1. Start the Parser topologies again using Ambari.
1. Wait for the Bro parser topology to start. Then ensure that the parser is publishing messages to "new-topic".
```
[Stellar]>>> %define bootstrap.servers := "node1:6667"
node1:6667
[Stellar]>>> KAFKA_GET("new-topic")
[]
[Stellar]>>> KAFKA_GET("new-topic")
[{"bro_timestamp":"1524849662.943861","method":"GET","ip_dst_port":8080,"request_body_len":0,"uri":"\/api\/v1\/clusters\/metron_cluster\/alerts?format=groupedSummary&_=1484169223317","tags":[],"source.type":"bro","uid":"CUrRne3iLIxXavQtci","referrer":"http:\/\/node1:8080\/","trans_depth":198,"protocol":"http","original_string":"HTTP | id.orig_p:50451 method:GET request_body_len:0 id.resp_p:8080 uri:\/api\/v1\/clusters\/metron_cluster\/alerts?format=groupedSummary&_=1484169223317 tags:[] uid:CUrRne3iLIxXavQtci referrer:http:\/\/node1:8080\/ trans_depth:198 host:node1 id.orig_h:192.168.66.1 response_body_len:0 user_agent:Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/55.0.2883.95 Safari\/537.36 ts:1524849662.943861 id.resp_h:192.168.66.121","ip_dst_addr":"192.168.66.121","ip_src_port":50451,"host":"node1","guid":"f230947f-f6c8-49c4-84a5-cff124c4df60","response_body_len":0,"ip_src_addr":"192.168.66.1","user_agent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_12_2) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/55.0.2883.95 Safari\/537.36","timestamp":1524849662943}]
```
## Pull Request Checklist
- [ ] Is there a JIRA ticket associated with this PR? If not one needs to be created at [Metron Jira](https://issues.apache.org/jira/browse/METRON/?selectedTab=com.atlassian.jira.jira-projects-plugin:summary-panel).
- [ ] Does your PR title start with METRON-XXXX where XXXX is the JIRA number you are trying to resolve? Pay particular attention to the hyphen "-" character.
- [ ] Has your PR been rebased against the latest commit within the target branch (typically master)?
- [ ] Have you included steps to reproduce the behavior or problem that is being changed or addressed?
- [ ] Have you included steps or a guide to how the change may be verified and tested manually?
- [ ] Have you ensured that the full suite of tests and checks have been executed in the root metron folder via:
- [ ] Have you written or updated unit tests and or integration tests to verify your changes?
- [ ] If adding new dependencies to the code, are these dependencies licensed in a way that is compatible for inclusion under [ASF 2.0](http://www.apache.org/legal/resolved.html#category-a)?
- [ ] Have you verified the basic functionality of the build by building and running locally with Vagrant full-dev environment or the equivalent?
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/nickwallen/metron METRON-1543
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/metron/pull/1007.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #1007
----
commit 0e26295f4bd91df86d4a62a4a8c31e016fb74d3e
Author: Nick Allen <ni...@...>
Date: 2018-04-24T17:32:33Z
METRON-1543 Unable to Set Parser Output Topic in Sensor Config
----
> Unable to Set Parser Output Topic in Sensor Config
> --------------------------------------------------
>
> Key: METRON-1543
> URL: https://issues.apache.org/jira/browse/METRON-1543
> Project: Metron
> Issue Type: Bug
> Reporter: Nick Allen
> Assignee: Nick Allen
> Priority: Major
>
> The only way to alter the output topic for a Parser topology is to manually launch the topology using the CLI with the `-ot` parameter.
> The user needs to be able to define this as part of the sensor's parser configuration so that the value is stored in Zookeeper and can be altered in the Management UI and launched from Ambari.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)