Support Questions

adroot16 · ‎04-07-2017

Hi everyone. I deploy a Metron cluster using Ambari following article https://community.hortonworks.com/articles/60805/deploying-a-fresh-metron-cluster-using-ambari-serv..... I pushed Bro logs to Kafka and It's show on Discover. But when I access http://metron:5000 then Kibana dashboard empty. Can you help me?

asubramanian · ‎04-07-2017

Hi @Lee Adrian, yes I have also seen that the default dashboard comes up empty unlike the quickdev/fulldev deployments. You will need to create the visualizations, indices etc. manually.

One alternative that I follow is to export the entire dashboard from a quickdev/fulldev, import it into the new cluster, then edit the dashboard configuration. I'm attaching the sample export from fulldev deployment for your reference (fulldev-kibana-exportjson.txt).

View solution in original post

asubramanian · ‎04-07-2017

Hi @Lee Adrian, yes I have also seen that the default dashboard comes up empty unlike the quickdev/fulldev deployments. You will need to create the visualizations, indices etc. manually.

One alternative that I follow is to export the entire dashboard from a quickdev/fulldev, import it into the new cluster, then edit the dashboard configuration. I'm attaching the sample export from fulldev deployment for your reference (fulldev-kibana-exportjson.txt).

adroot16 · ‎04-08-2017

Hi @asubramanian, Thank you very much. I'm have a problem. Wish you counseling help me. I configured YAF Server and I searched Google but I don't push YAF log to Metron.

asubramanian · ‎04-10-2017

Hi @Lee Adrian, have you setup your YAF environment as per this link - https://tools.netsa.cert.org/yaf/ ?

adroot16 · ‎04-11-2017

Hi @asubramanian, Command "rwfilter --proto=0- --type=all --pass=stdout | rwcut | tail" showed results. But I can't push data from YAF Server to Metron.

asubramanian · ‎06-19-2017

Hi @Lee Adrian, apparently there is an easier way to enable the default dashboard on Metron.

* Launch Ambari UI

* Go to Services -> Metron

* Choose Service Actions -> Elasticsearch Template Install; and confirm on dialog.

* Next, go to Services -> Kibana

* Choose Service Actions -> Load Template

Now you can launch the Kibana (Metron) UI and the default dashboard should appear. Please give this a try on your environment and let me know if it works.

Credit goes to @David Lyle for helping with this information.

akashkumarva · ‎07-14-2017

Hi @asubramanian I followed these steps as I had a blank Kibana dashboard. However, once I chose the service action to load the Kibana template the operation failed. I created a seperate post with my logs:

https://community.hortonworks.com/questions/113052/load-template-kibana-server-failing.html

Any help would be appreciated thanks.

Cloudera Community

Support Questions

Kibana dashboard empty on Metron 0.3