Thanks for the headsup @asubramanian ... View more

@leo leeWe fixed the issue by modifying the JAR files and replacing the metron-data-management-0.4.0.jar in /usr/metron/0.4.0/lib with the modified jar follow the instructions noted in https://github.com/apache/metron/pull/643/files see if that helps if not let me know i can upload the JAR file (its 100M though) ... View more

I have got taxii to work but i keep getting error message "Exception in thread "main" java.lang.IllegalStateException: Extractor must be a STIX Extractor" when i try to push the feed to Hbase Here's what the extractor file looks like { "config": { "zk_quorum": "node1:2181", "columns": { "stix_address_categories" : "IPV_4_ADDR" }, "indicator_column": "ip", "type" : "malicious_ip", "separator" : "," } ,"extractor" : "STIX" } ... View more

@asubramanian What version of ansible did you use to get the opentaxii feed? i tried running it on 2.0.0.2 and still getting service not defined error while checking the opentaxii status, the service is running though. I followed the work around steps but still the same error. ... View more

I think you are missing some rpm's are these the only rpm's in the localrepo? here's what i have in my localrepo Metron-common, metron-config,metron-data-management, metron-elasticsearch, metron-enrichment, metron-indexing, metron-parser, metron-pcap, metron-profiler, metron,rest, metron-solr Try running createrepo /localrepo again and see if that fixes the issue if not try running mvn clean install followed by cd metron-deployment/packaging/docker/rpm-docker and follow the instructions in https://cwiki.apache.org/confluence/display/METRON/Metron+0.4.0+with+HDP+2.5+bare-metal+install+on+Centos+6+with+MariaDB+for+Metron+REST ... View more

Tried on Ubuntu 14 and 16 metron 0.4.0 and there is no issue with the installation and i referred https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=68718548 for installation steps, just make sure to install Docker manually as well before getting to steps to start metron install. Also it depends on how you install some folders need elevated access such as "Virtualbox VM" etc. The only issue I still have on Ubuntu is I cannot bring the metron on the network, there seems to be something missing in the installation or the way it works on Ubuntu. When the metron VM is brought up using Virtual box it runs but the VM is not imported into the Virtualbox just as it does when installed on Centos. ... View more

@asubramanian I followed the same steps but on Ubuntu but when i start my VirtualBox UI i dont see any VM being created but my metron is running. Do the VM need to be imported manually in the Virtualbox to change the ip address? ... View more

Got it working on a bare metal HDP2.5 seems to be a known issues with Virtualbox when installed on a VM. But now i have another issue, i cannot change the "node1" ip address from the default 192.168.66.121 to something that is routed over our internal network tried changing the host file and even the "Vagrantfile" in /metron-deployment/vagrant/full-dev-platform but nothing works. ... View more

Instead of writing all to single line JSON can this be broken down to write each at a single line such as {"_key":"01","language":"Java","edition":"third","author":"Herbert Schildt"} {"_key":"07","language":"C++","edition":"second","author":"E.Balagurusamy"} I tried using a replace text processor with append('\n') but that didnt seem to work. ... View more

Thanks for the trick it helped me setup the cluster with 2 nodes was having an issue since long getting the cluster up with manual installation. ... View more