...
- Check the Monit service interface at http://node1:2812 (user/pass of admin/adminmonit) and turn on the bro, snort, and yaf topologies - Check Storm to make sure all the topologies are up From Ambari navigate to Storm -> Quick Links -> Storm UI - Check that the enrichment topology has emitted some data (could take a few minutes to show up in the Storm UI) - Check indexes to make sure indexing is done correctly and data is visualized in Kibana in a browser at http://node1:5000 - Check that some data is written into HDFS for at least one of the data sources Look in HDFS under /apps/metron/enrichment/indexed/yaf_doc|bro_doc|snort_doc This can be done from the browser by going to http://node:50070/explorer.html#/apps/metron/enrichment/indexed
...