We are getting following issues on both of our deployments, 0.4.1 multinode with 2 nodes and 0.7.1 single node with sensors.
Sensors "yaf" and "snort" are working.
Data ingestion is also working fine, checked manually from kafka consumer, and it shows topic logs using following command.
"/usr/hdp/current/kafka-broker/bin/kafka-console-consumer.sh -z 10.2.4.102:2181 --topic snort"
Our guess is Enrichment process is working at some level as it is showing some acks in STORM UI, but while checking manually no data is shown in enrichment topic using following command
"/usr/hdp/current/kafka-broker/bin/kafka-console-consumer.sh -z 10.2.4.102:2181 --topic enrichment"
There are no index files shown in Elasticsearch except ".kibana" at "http://10.2.4.102:9200/_cat/indices?v" ,
Also there is no index files present in hdfs checked using following command
"hdfs dfs -ls /apps/metron/indexing/indexed/"
By checking logs at /var/logs/metron/metron-rest.log ,following error is logged
log4j:ERROR A "org.apache.log4j.ConsoleAppender" object is not assignable to a "org.apache.hadoop.hbase.shaded.org.apache.log4j.Appen
der" variable.
log4j:ERROR The class "org.apache.hadoop.hbase.shaded.org.apache.log4j.Appender" was loaded by
log4j:ERROR [sun.misc.Launcher$AppClassLoader@5c647e05] whereas object of type
log4j:ERROR "org.apache.log4j.ConsoleAppender" was loaded by [sun.misc.Launcher$AppClassLoader@5c647e05].
log4j:ERROR Could not instantiate appender named "console".
log4j:ERROR A "org.apache.hadoop.log.metrics.EventCounter" object is not assignable to a "org.apache.hadoop.hbase.shaded.org.apache.l
Kindly see if anyone can help us on this.
Thanks in advance.