@SandeepG01    What the ERROR is telling you is that some component the references the parameter context failed to transition to a stopped state.   When a parameter context is defined in a component (NiFi processor for example), and change to the value assigned to that parameter would require the restart of those components so that the new parameter value is read in by the component. When a component like a NiFi processor is asked to stop, it first transitions into a state of "Stopping".  Once any active threads on that component complete the processor transitions to a "Stopped" state.  It as this point the component could be started again. So there are two possible scenarios that can happen here Since NiFi will not interrupt an active thread: 1. A component had a ling running thread that the restart process timed out waiting for it to transition to stopped (thread to complete and exit).  It is quite possible that this component did finally finish its  thread execution post this timeout and another attempt to apply the parameter context change would not be successful. 2. A component has a hung thread.  Meaning the active thread on the component is making no progress because it is either waiting indefinitely on some response action or it being blocked by some other thread.  In this case it would never complete its execution and transition to the "Stopped"state.  First you need to identify the processor with the hung thread (Processors show a small number in t he upper right corner when a thread is active).  Then you can take a series of thread dumps (./nifi.sh dump <dump-file-01>) and compare those thread dumps to see if the you have a thread stuck in the same state in every dump (shows no thread progress).  The only way to kill a hung thread is via a NiFi restart.   NiFi processors offer a terminate option, but that does not kill the tread.  It simply disassociates that thread with the processor (think of putting in an isolation box). The flowfile that was being processed by that thread is rolled back on to the incoming connection.  Should that terminated thread ever return anything (lets say it was not hung, but just a very long running thread), it output is just sent to null since it was terminated.  But again that thread if truly hung will not go away until NiFi restart even if you selected terminate on the component. You many also inspect the nifi-app.log for the ERROR exception to see if it is followed with a stack trace that may give more insight. Hope this helps, Matt ... View more

@sarath_rocks55    If you are looking for assistance with an issue, please post a "question" in the community rather than adding a comment to a community article.   Comments on community articles should be about the article content only. Thank you ... View more

@nikolayburiak  Have you tried defining the keytab and principal directly in the the  Hbase_2_ClientService configuration rather than using the KeytabCredentialsService to see if ticket renewal works correctly? This may get you pas the issue now and also help identify if issue is potentially with the controller services.   Thanks, Matt ... View more

Hi, @MattWho  we actually already implemented prototypes of such custom processors and the basic principles are clear. By processor logic, I did not mean the structure of the processor like relationships. The structure is static in our case. By the processor logic, I refer, the code which is called in "onTrigger" in "StreamCallback.process". In my case, the logic can be  parametrized by some configuration data (These configuration data is provided by a service or database tables). The configuration data is static during the whole processor run and must be provided during instantiation of the business logic object. You might see it as lookup, which must not happen during the processing "onTrigger", but "onScheduled" (sorry I wrote in "init" previously, that was not right) Best regards Jaro ... View more

@dhhan74    The attached screenshot shows your running version as Apache NiFi 1.9.0. There is a known issue in that released that results in the ERROR condition you have encountered: https://issues.apache.org/jira/browse/NIFI-6285   This issue was addressed as of Apache NiFi 1.10.   Hope this helps, Matt ... View more

This custom processor may be what you want. https://github.com/minyk/nifi-headlessbrowser-processor   Google doesn't provide a free API for search and their terms of service don't allow it   Please see Google's Terms of Service posted at http://www.google.com/terms_of_service.html   Other search engines have REST APIs you can easily plug into nifi   https://github.com/tspannhw/EverythingApacheNiFi https://www.datainmotion.dev/2020/01/quicktip-ingesting-google-analytics-api.html https://community.cloudera.com/t5/Community-Articles/Creating-HTML-from-PDF-Excel-and-Word-Documents-using-Apache/ta-p/247968 https://community.cloudera.com/t5/Community-Articles/Parsing-Any-Document-with-Apache-NiFi-1-5-with-Apache-Tika/ta-p/247672 https://community.cloudera.com/t5/Community-Articles/Converting-PowerPoint-Presentations-into-French-from-English/ta-p/248974 ... View more

@Gubbi    Since you comment that NiFi starts fine when you remove the flow.xml.gz, this points at an issue with loading /reading the flow.xml.gz file.  I would suggest opening you flow.xml.gz in an xml editor and make sure it is valid.  When NiFi starts it loads the flow.xml in to heap memory.  From then on all changes made within the UI are made in memory and a flow.xml.gz is written to disk.  I would be looking for XML special characters (http://xml.silmaril.ie/specials.html) that were not escaped in the XML that written out to the flow.xml.gz.  Manually remove or correct the invalid flow.xml.gz may work. You may get lucky going back and trying multiple archived copies of flow.xml.gz files.  Perhaps one still exist prior to the config change that was made that introduced the issue? Note: Be aware that starting NiFi without the flow.xml.gz will result in loss of all queued FlowFiles. Hope this helps, Matt ... View more

@NY    There are several bugs related content repository failing to clean-up under specific conditions. Based on your description and version of HDF, the most likely bugs are the following: https://issues.apache.org/jira/browse/NIFI-6846 https://issues.apache.org/jira/browse/NIFI-5771   Both of the above would result in cleanup occurring only on NiFi Restart once the condition occurs. If you are using the VolatileFlowFileRepository implementation which is uncommon, you may be hitting: https://issues.apache.org/jira/browse/NIFI-6236 While you are not hitting below jira because it was only introduced in Apache NIFi 1.9.1 (HDF3.4.0 - removed) and fixed in HDF 3.4.1, sharing for completeness here: https://issues.apache.org/jira/browse/NIFI-6150 All the above are addressed, except NIFI-6846 are addressed in HDF 3.4.1 (Apache NiFi 1.9.2). All above are fixed in HDF 3.5.1 (Apache NiFi 1.11.4). I recommend upgrading to HDF 3.5.x (latest) Hope this helps, Matt ... View more

@anil35759  Your observations are exactly how Nifi is designed to work when importing version comtrolled flows from NiFi-Registry.   The first time you "deploy" a flow from NiFi-Registry it will add all the Controller Services (CS) utilized by the newly imported flow's components.  Subsequent version changes will not result in same behavior unless there is a new CS as part of the new version. So if you then deploy another version controlled flow that uses the same CS that the other already imported flow uses, you will end up with a second set of CS in the target NiFi.  There is not cross dependency on separately version controlled flows in NiFi-Registry. So each version controlled Process Group (PG) in NiFi will contain the complete set of referenced CS.  Post import of a CS to target NiFi, you may make changes to the CSs imported.  It would be dangerous for NiFi to assume that when importing another or the sane flow again from NiFi-Registry that it should reuse existing CS within the target NiFi.  Matt ... View more

Definitively, Nifi is ignoring the core-site.xml and hdfs-site.xml  I put in the configuration. I have filtered the log for my flow and I get:   2020-07-11 16:13:49,123 INFO [NiFi Web Server-298078] o.a.n.c.s.StandardProcessScheduler Starting PutHDFS[id=436939a6-0fd4-1741-bb61-7913fdc19600] 2020-07-11 16:13:49,135 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/core-site.xml:an attempt to override final parameter: fs.defaultFS; Ignoring. 2020-07-11 16:13:49,136 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.datanode.data.dir; Ignoring. 2020-07-11 16:13:49,136 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.datanode.failed.volumes.tolerated; Ignoring. 2020-07-11 16:13:49,136 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.namenode.name.dir; Ignoring. 2020-07-11 16:13:49,136 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.webhdfs.enabled; Ignoring. 2020-07-11 16:13:49,145 INFO [Timer-Driven Process Thread-5] o.a.hadoop.security.UserGroupInformation Login successful for user svcqhdfuser using keytab file /etc/nifi-resources/keytabs/svcqhdfuser.keytab 2020-07-11 16:14:04,750 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.hdfs.DFSUtil Namenode for mycluster remains unresolved for ID nn1. Check your hdfs-site.xml file to ensure namenodes are configured properly. 2020-07-11 16:14:21,063 WARN [Timer-Driven Process Thread-5] org.apache.hadoop.hdfs.DFSUtil Namenode for mycluster remains unresolved for ID nn2. Check your hdfs-site.xml file to ensure namenodes are configured properly. 2020-07-11 16:14:21,063 ERROR [Timer-Driven Process Thread-5] o.apache.nifi.processors.hadoop.PutHDFS PutHDFS[id=436939a6-0fd4-1741-bb61-7913fdc19600] HDFS Configuration error - java.io.IOException: Couldn't create proxy provider class org.apache.hadoop.hdfs.server.namenode.ha.ConfiguredFailoverProxyProvider: {} 2020-07-11 16:14:21,064 ERROR [Timer-Driven Process Thread-5] o.apache.nifi.processors.hadoop.PutHDFS PutHDFS[id=436939a6-0fd4-1741-bb61-7913fdc19600] Failed to properly initialize Processor. If still scheduled to run, NiFi will attempt to initialize and run the Processor again after the 'Administrative Yield Duration' has elapsed. Failure is due to java.lang.reflect.InvocationTargetException: java.lang.reflect.InvocationTargetException 2020-07-11 16:14:50,810 INFO [NiFi Web Server-298342] o.a.n.c.s.StandardProcessScheduler Stopping PutHDFS[id=436939a6-0fd4-1741-bb61-7913fdc19600] 2020-07-11 16:14:51,076 WARN [Timer-Driven Process Thread-2] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/core-site.xml:an attempt to override final parameter: fs.defaultFS; Ignoring. 2020-07-11 16:14:51,077 WARN [Timer-Driven Process Thread-2] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.datanode.data.dir; Ignoring. 2020-07-11 16:14:51,077 WARN [Timer-Driven Process Thread-2] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.datanode.failed.volumes.tolerated; Ignoring. 2020-07-11 16:14:51,077 WARN [Timer-Driven Process Thread-2] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.namenode.name.dir; Ignoring. 2020-07-11 16:14:51,077 WARN [Timer-Driven Process Thread-2] org.apache.hadoop.conf.Configuration /etc/nifi/confhdi/hdfs-site.xml:an attempt to override final parameter: dfs.webhdfs.enabled; Ignoring.   Brgds,   Paz ... View more

@johannes_meixne    The only place you would use "{0}" would be in the ldap-provider used for user authentication.  The {0} gets replaced with the username entered in the login UI.  The LdapUserGroupProvider however is used by the nifi authorizer to assemble a list of users and group strings (along with the association/membership between those user and groups) which can be used to assign authorizations against.  The LdapUserGroupProvider executes on NiFi startup and then on a configured schedule to refresh the synced users and groups.  Since it takes no input you can not use "{0}" in the search filter. ... View more

@Alexandros    As soon as you retrieve the json from which you later extract the sensitive values, those sensitive values are available/readable by anyone who has access to view the content of a FlowFile.  Even if you restrict user access so they can not view the FlowFile content, once you extract those sensitive values to FlowFile attributes they become exposed further.  There is currently no methods within NiFi for encrypting FlowFile attributes.  Doing so would also require any downstream processor in which you would want use those encrypted attributes to be able to understand that it is a sensitive value and decrypt it for use.  Bottom line here, is that the capability you are looking for does not exist within NiFi right now. This sounds like a new development opportunity/contribution maybe.  Perhaps a new NiFi controller service that handles pulling the credentials from the AWS Secret Manager and obtaining the JWT token without writing anything to the FlowFIle's attributes or content.  Then any processor you would want to use this new CS in would need to be extended to support the new capability.  I am not a developer myself, but this sound like non-trivial work. @alopresto might have some thoughts to add here. Thanks, Matt ... View more

@i_love_burger    I am not sure what configuration step you need help with. What is not "working"? What errors are you seeing when processor tries to execute? NiFi configured method for user authentication has nothing to do with how processors authenticate with external servers/resources.  Your user authentication and subsequent authorization simply controls what you as a NiFi user can see and do within the NiFi UI.  NiFi components like processors you add via the NiFi UI are not running/executing as your user.  All components are executed by the NiFi JVM service user.  Any authentication required is configured via the component itself. If your endpoint  httphandler running on port 8060 required mutual TLS authenctication via the TLS handshake, you will need to configure a SSLContextService that has both a keystore and a truststore. The keystore must contain a single "PrivateKeyEntry" that supports clientAuth and is capable of beig trusted by the target endpoint.  The Truststore used must contain the complete TLS trust chain for the target endpoint presented server certificate in the TLS hanshake. If only one-way TLS is required, all that is need is an SSLContextService with the above mentioned truststore. Using command: "openssl s_client -connect <servername>:<port> --showcerts"  is a good way to observe the server side handshake and obtain all the public certificates needed for a complete trusts chain in your truststore. Hope this helps, Matt ... View more

@LearnerAdmin    It is not clear to me what you are asking when you say " add NIFI CA in authorities".   Instructions on using the NiFi TLS toolkit can be found here: https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html#tls_toolkit   Using the Client/Server Tls Toolkit operational mode covered here: https://nifi.apache.org/docs/nifi-docs/html/toolkit-guide.html#client-server Will give you the ability to create a running NiFi CA authority "server" which will sign your NiFi node certificates created using the "client" mode.   Thanks, Matt ... View more

Hi, I have the same issue, but it's wanted because i made some lookups before the merge and records that didn't match where skipped, this is wanted behavior! so the question is, can these "incomplete" flow-files be merged anyway ? how?   Thanks ... View more