THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- ssh into Host $HOST_WITH_ENRICHMENT_TAG as root
- Open up the global validation configuration
- vi /usr/metron/$METRON_VERSION/config/zookeeper/global.json
- Add the following validation configuration to it and save it. the file after the es configuration
}
"{
"es.clustername": "metron",
"es.ip": "$SEARCH_HOST", //make sure to replace this
"es.port": "$SEARCH_HOST_PORT", //make sure to replace this
"es.date.format": "yyyy.MM.dd.HH",
"fieldValidations" : [
{
"input" : [ "ip_src_addr", "ip_dst_addr" ],
"validation" : "IP",
"config" : {
"type" : "IPV4"
}
}
]
- Push the global configuration to zookeeper
- /usr/metron/$METRON_VERSION/bin/zk_load_configs.sh -i /usr/metron/$METRON_VERSION/config/zookeeper -m PUSH -z $ZOOKEEPER_HOST:2181
- Dump the configs and validate it got persisted
- /usr/metron/$METRON_VERSION/bin/zk_load_configs.sh -m DUMP -z $ZOOKEEPER_HOST:2181
- /usr/metron/$METRON_VERSION/bin/zk_load_configs.sh -m DUMP -z $ZOOKEEPER_HOST:2181
...
The below describes the validation configuration you see above.
More details on the validation framework can be found in the Validation Framework section here: https://github.com/apache/incubator-metron/tree/master/metron-platform/metron-common#transformation-language
...