Support Questions

Find answers, ask questions, and share your expertise

Apache Metron Alerts UI not showing any alerts

avatar
New Contributor

Hello, Hope all of you are fine, 

I recently started learning Apache Metron and I have been performing the squid tutorial for the last week.

(I installed HDP 3.1.4 on Ambari 2.7.3 with HCP 2.0.0.0)

The problem I am facing is that my logs aren't showing the the alerts UI. 

I have already defined a elasticsearch index template with the two fields "metron_alert" and "alert"

Here is the sensor information

t_n.PNG

parser logs are being created in kibana 

kib.PNG

 

Below is the index template

when you run 

GET alert_ui_test_*

 

alert_ui.PNG

aler.PNG

Below is the sensor and enrichment config

sensor_conf.PNG

enrich_conf.PNG

When I see the logs at /var/log/metron/metron-rest.log

I see this error , but not sure about what it is

erro.PNG

1 ACCEPTED SOLUTION

avatar
New Contributor

Issue is resolved. It seems that for some reason my hbase tables 'user_settings' and 'metron_update' that were mentioned in the zookeeper global config file of metron were not present in my hbase.

Simply creating the tables in hbase resolved the issue and updates appeared in the alerts ui.

I used the following commands 

hbase shell

create 'user_settings' , 'cf'

create 'metron_update' , 't'

View solution in original post

1 REPLY 1

avatar
New Contributor

Issue is resolved. It seems that for some reason my hbase tables 'user_settings' and 'metron_update' that were mentioned in the zookeeper global config file of metron were not present in my hbase.

Simply creating the tables in hbase resolved the issue and updates appeared in the alerts ui.

I used the following commands 

hbase shell

create 'user_settings' , 'cf'

create 'metron_update' , 't'