Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Indexing error on apache metron

Indexing error on apache metron

Labels:
xarulamim
New Contributor

Created ‎12-24-2018 08:49 AM

Hello,

I am using apache metron with elasticsearch, the "metron alert ui/kibana" does not show any data until i restart the `metron indexing` on ambari page. The sensor of snort is sending the data to nifi, from the nifi it send to the kafka. The kafka have the created the topic as expected and the topology are created on storm ui. Unfortunately, the indices on ES is not created, hence no data was displayed on the metron alert ui. After restart the `metron indexing` servive on ambari the data started to shown on kibana and alert ui becouse the indices are now created. so what it need to be done to indices to be created automatically (live data).

Reply
147 Views
0 Kudos
2 REPLIES 2
Highlighted

Re: Indexing error on apache metron

StefanDunkler
Contributor

Created ‎12-31-2018 08:31 AM

Hi @Amirul

seems like you got it working, because you are seeing events in elastic. :)

You mention an "Indexing error". Do you have a log snippet that shows the error message?

Reply
9 Views
0 Kudos

Re: Indexing error on apache metron

xarulamim
New Contributor

Created ‎12-31-2018 08:38 AM

Hi @Stefan Kupstaitis-Dunkler

Yeah it's working, but need to restart the metron indexing for data are indexed on elasticsearch. I already reconfigure Elasticsearch with manual installation(yum install) and not using ambari. The data now are live on metron alert ui. Btw, thanks for your blog on datahovel.com


Reply
9 Views
0 Kudos
Don't have an account?
Register
Coming from Hortonworks? Activate your account here