Support Questions

Mustafa_ · ‎11-04-2020

Hello, Hope all of you are fine,

I recently started learning Apache Metron and I have been performing the squid tutorial for the last week.

(I installed HDP 3.1.4 on Ambari 2.7.3 with HCP 2.0.0.0)

The problem I am facing is that my logs aren't showing the the alerts UI.

I have already defined a elasticsearch index template with the two fields "metron_alert" and "alert"

Here is the sensor information

parser logs are being created in kibana

Below is the index template

when you run

GET alert_ui_test_*

Below is the sensor and enrichment config

When I see the logs at /var/log/metron/metron-rest.log

I see this error , but not sure about what it is

Mustafa_ · ‎11-05-2020

Issue is resolved. It seems that for some reason my hbase tables 'user_settings' and 'metron_update' that were mentioned in the zookeeper global config file of metron were not present in my hbase.

Simply creating the tables in hbase resolved the issue and updates appeared in the alerts ui.

I used the following commands

hbase shell

create 'user_settings' , 'cf'

create 'metron_update' , 't'

View solution in original post

Mustafa_ · ‎11-05-2020