Management Utility
You should store your configurations on disk in the following structure, starting at $BASE_DIR:
global.json: The global configuration
sensors: The subdirectory containing sensor-enrichment configuration JSON (for example, snort.json or bro.json)
By default, this directory is deployed by the Ansible infrastructure at
$METRON_HOME/config/zookeeper
.
While the configs are stored on disk, they must be loaded into ZooKeeper to be used. You
can use the $METRON_HOME/bin/zk_load_config.sh utility
program to do
this.
This has the following options:
- -f,--force
Force operation
- -h,--help
Generate Help screen
- -i,--input_dir <DIR>
The input directory containing configuration files with names such as "$source.json"
- -m,--mode <MODE>
The mode of operation: DUMP, PULL, or PUSH
- -o,--output_dir (DIR)
The output directory that will store the JSON configuration from ZooKeeper
- -z,--zk_quorum <host:port,[host:port]*>
ZooKeeper quorum URL (zk1:port,zk2:port,…)
Following are some usage examples:
To dump the existing configs from ZooKeeper on the single-node vagrant machine:
$METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m DUMP
To push the configs into ZooKeeper on the single-node vagrant machine:
$METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m PUSH -i $METRON_HOME/config/zookeeper
To pull the configs from ZooKeeper to the single-node vagrant machine disk:
$METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m PULL -o $METRON_HOME/config/zookeeper -f