Cloudera Community

Announcements
Welcome to the upgraded Community! Read this blog to see What’s New!
bharath_phatak
user rank
Explorer
My Accepted Solutions
Show All

Re: How to configure BasicPaloAltoFirewallParser/a...

by Explorer in Support Questions
‎08-03-2017 08:34 AM
‎08-03-2017 08:34 AM
The issue was with logs which i was using. When i injected full logs from Paloalto firewall, the logs were being parsed, enriched and indexed. Hopefully this will be helpfull for others. Thanks, Bharath ... View more

How to configure BasicPaloAltoFirewallParser/any j...

by Explorer in Support Questions
‎07-27-2017 01:07 PM
‎07-27-2017 01:07 PM
Hi All, I am followed the steps mentioned in below link and setup SQUID topology. The logs are getting enriched and indexed and visible in Kibana. Now i need to add BasicPaloAltoFirewallParser(Paloalto topology). Below is config json file. { "parserClassName":"org.apache.metron.parsers.paloalto.BasicPaloAltoFirewallParser", "sensorTopic":"newPalto", "parserConfig": { "timestampField": "timestamp" } } I dont see any errors, but the logs are not pushed into "enrichments" topic Any help would be much appreciated. Thanks ... View more
Labels:
Contact Me
Online
Offline
Last Visited
‎04-20-2018 01:51 PM
Community Statistics
Member Since ‎07-27-2017 07:57 AM
Last Visited ‎04-20-2018 01:51 PM
Posts 10