Cloudera Community

Archives of Support Questions (Read Only)

This is an archived board for historical reference. Information and links may no longer be available or relevant
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Advanced Search
Announcements
This board is archived and read-only for historical reference. To ask a new question, please post a new topic on the appropriate active board.
Solved Go to solution

Ingesting XML Telemetry in Metron

Labels:
avatar
author-rank hamed1
New Member

Created ‎03-08-2017 11:45 PM

Hi,

I was wondering about the best way to ingest logs in XML format into Metron. Parsing with Grok doesn't seem to be the way to go in this case. Remaining options seem to be to 1) either utilize NiFi to turn the XML into a format that Metron expects, 2) or develop a java parser for parsing XML, (that is Metron-288 issue which is not of high priority: https://issues.apache.org/jira/browse/METRON-288 ).

Are these two options the only possibilities?

1,837 Views
0 Kudos
1 ACCEPTED SOLUTION

avatar
author-rank Carolyn author-rank
Guru

Created ‎03-31-2017 12:59 PM

Metron supports 3 types of parsers: Grok, CSV and Java. For XML data Java is the best choice.

You can see example parsers in the Metron github:

https://github.com/apache/incubator-metron/tree/master/metron-platform/metron-parsers/src/main/java/...

You could also use Nifi to convert the XML to JSON and enqueue the events to the enrichment topic. Here are some articles about parsing XML logs with Nifi:

https://community.hortonworks.com/articles/25720/parsing-xml-logs-with-nifi-part-1-of-3.html

View solution in original post

1,675 Views
0 Kudos
1 REPLY 1

avatar
author-rank Carolyn author-rank
Guru

Created ‎03-31-2017 12:59 PM

Metron supports 3 types of parsers: Grok, CSV and Java. For XML data Java is the best choice.

You can see example parsers in the Metron github:

https://github.com/apache/incubator-metron/tree/master/metron-platform/metron-parsers/src/main/java/...

You could also use Nifi to convert the XML to JSON and enqueue the events to the enrichment topic. Here are some articles about parsing XML logs with Nifi:

https://community.hortonworks.com/articles/25720/parsing-xml-logs-with-nifi-part-1-of-3.html

1,676 Views
0 Kudos
Announcements
What's New @ Cloudera
Announcing Cloudera Streaming Analytics 1.17: Python UDFs, S...
Community Announcements
Content Update: Evolving Our Community Content for Better, A...
Community Announcements
Product Name Updates — Community Label Changes & Notificatio...
What's New @ Cloudera
Announcing Cloudera Data Lineage for Trino
What's New @ Cloudera
Announcing Cloudera Streaming Analytics Operator for Kuberne...
View More Announcements