Versions Compared

Old Version 35

changes.mady.by.user James Sirota

Saved on

compared with

New Version 36

changes.mady.by.user James Sirota

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Export enrichment node to the environment variable 

Reference ambari url 

0.xBETA 

In this blog post we will walk through what it takes to setup a new telemetry source in Metron.  For this example we will setup a new sensor, capture the sensor logs, pipe the logs to Kafka, pick up the logs with a Metron parsing topology, parse them, and run them through the Metron stream processing pipeline.  

...

Create a Squid Grok parser configuration file at /usr/metron/0.1BETA/config/zookeeper/parsers/squid.json with the following contents:

TODO

reference stellar docs

relink

{
  "parserClassName""org.apache.metron.parsers.GrokParser",
  "sensorTopic""squid",
  "parserConfig": {
    "grokPath""/apps/metron/patterns/squid",
    "patternLabel""SQUID_DELIMITED",
    "timestampField": "timestamp"
  },

  "fieldTransformations" : [

     {

     "transformation" : "MTL"
    ,"output" : [ "full_hostname", "domain_without_subdomains" ]
    ,"config" : {
                    "full_hostname" : "URL_TO_HOST(url)"
                   ,"domain_without_subdomains" : "DOMAIN_REMOVE_SUBDOMAINS(full_hostname)"
                   }
     }
]


}

...