THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
ok: [localhost] => {
"Success": [
"Apache Metron deployed successfully",
" Metron @ [METRON_HOST]:5000",
" Ambari @ [AMBARI_HOST]:8080",
" Sensor Status @ [SENSOR_HOST]:2812",
" Topology Status @ [MONIT_HOST]:2812",
"For additional information, see https://metron.incubator.apache.org/'"
]
}
Step 2c : Setup a Partial AWS Metron Environment
If you don't want to setup a full Metron environment you can deploy individual Metron modules. To do so, you need to define the Metron inventory. A sample inventory is provided with Metron to make custom inventories easier to defile. To get to the inventory run the following command:
cd incubator-metron/metron-deployment/inventory/metron_example
There you will see two files: hosts and environment_vars/all. The first thing we need to define are environment variables for the Ansible scripts in the environment_vars/all file. Lets briefly go through the explanation of what each variable section means:
Leave the enrichment topology running and kill the other parser topologies (bro, snort, or yaf) with either the "storm kill" command or with the Storm UI at http://node1:8744/index.html. Now lets install the Squid sensor.
...