...
Verify Metron is working:
- Check Ambari to make sure all the services are up by going to Ambari in a browser at http://node1:8080
- Check the Monit service interface at http://node1:2812 (user/pass of admin/monit) and turn on the bro, snort, and yaf topologies
- Check Storm to make sure all the topologies are up
  From Ambari navigate to Storm -> Quick Links -> Storm UI
- Check that the enrichment topology has emitted some data (could take a few minutes to show up in the Storm UI)
- Check indexes to make sure indexing is done correctly and data is visualized in Kibana in a browser at http://node1:5000
- Check that some data is written into HDFS for at least one of the data sources
  Look in HDFS under /apps/metron/indexing/indexed/yaf_doc|bro_doc|snort_doc
  This can be done by running hdfs dfs -ls /apps/metron/indexing/indexed/ or from the browser by going to http://node1:50070/explorer.html#/apps/metron/enrichment/indexed
- Test the Management UI at http://node1:4200/
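The checks above can be scripted. The following is an added example, not part of the original page or the Metron project: it probes the Ambari, Monit and Kibana URLs listed above and counts non-empty files per sensor under the HDFS path used in the hdfs dfs -ls command. The function names and the sample listing are assumptions made for the example.

```shell
#!/bin/sh
# Added example: smoke checks for the verification list above.
# URLs and the HDFS path are from the page; function names are hypothetical.
ENDPOINTS="ambari=http://node1:8080 monit=http://node1:2812 kibana=http://node1:5000"
INDEX_ROOT="/apps/metron/indexing/indexed"
SENSORS="yaf_doc bro_doc snort_doc"

# Print the HTTP status a URL answers with (000 when nothing is listening).
http_status() {
  curl -s -o /dev/null -m 10 -w '%{http_code}' "$1" || true
}

# Read `hdfs dfs -ls -R` output on stdin and print sensor=<non-empty file count>.
# Succeeds only if at least one sensor has a non-empty file, as the page requires.
sensors_with_data() {
  awk -v root="$INDEX_ROOT" -v want="$SENSORS" '
    BEGIN { n = split(want, s, " ") }
    /^-/ && $5 > 0 {                      # regular file with size > 0
      for (i = 1; i <= n; i++)
        if (index($NF, root "/" s[i] "/") == 1) files[s[i]]++
    }
    END {
      for (i = 1; i <= n; i++) { printf "%s=%d\n", s[i], files[s[i]]; total += files[s[i]] }
      exit (total > 0 ? 0 : 1)
    }'
}

main() {
  for e in $ENDPOINTS; do
    printf '%-7s %s\n' "${e%%=*}" "$(http_status "${e#*=}")"
  done
  hdfs dfs -ls -R "$INDEX_ROOT" | sensors_with_data ||
    echo "no indexed data yet for any sensor"
}

# Constructed sample listing (file names and sizes are made up for the example).
SAMPLE_LISTING='drwxr-xr-x   - storm hadoop     0 2017-03-01 12:00 /apps/metron/indexing/indexed/bro_doc
-rw-r--r--   3 storm hadoop 48213 2017-03-01 12:05 /apps/metron/indexing/indexed/bro_doc/part-0.json
-rw-r--r--   3 storm hadoop     0 2017-03-01 12:05 /apps/metron/indexing/indexed/snort_doc/part-0.json
drwxr-xr-x   - storm hadoop     0 2017-03-01 12:00 /apps/metron/indexing/indexed/yaf_doc'

# `--live` queries node1; otherwise run the parser over the sample listing.
if [ "${1:-}" = "--live" ]; then
  main
else
  printf '%s\n' "$SAMPLE_LISTING" | sensors_with_data
fi
```

A 401 from Monit still shows the service is answering, since the probe sends no credentials. A sensor that reports 0 has a directory or empty files only, which means its topology has not indexed anything yet.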
Step 3 (optional) – Verify AWS Multi-Node Deploy with Ansible
(NOTE: This will cost money to deploy AWS servers)
  cd metron-deployment/amazon-ec2
  ./run.sh
For a more complete set of instructions refer to: https://github.com/apache/incubator-metron/tree/master/metron-deployment
To verify the working build go through the same verifications as in Step 2, but on AWS. Reference playbook.yml for the location of the services. Ambari-master contains Ambari, web contains Kibana and sensors.