Administration
Also available as:
PDF
loading table of contents...

Management Utility

You should store your configurations on disk in the following structure, starting at $BASE_DIR:

  • global.json: The global configuration

  • sensors: The subdirectory containing sensor-enrichment configuration JSON (for example, snort.json or bro.json)

By default, this directory is deployed by the Ansible infrastructure at $METRON_HOME/config/zookeeper.

While the configs are stored on disk, they must be loaded into ZooKeeper to be used. You can use the $METRON_HOME/bin/zk_load_config.sh utility program to do this.

This has the following options:

-f,--force

Force operation

-h,--help

Generate Help screen

-i,--input_dir <DIR>

The input directory containing configuration files with names such as "$source.json"

-m,--mode <MODE>

The mode of operation: DUMP, PULL, or PUSH

-o,--output_dir (DIR)

The output directory that will store the JSON configuration from ZooKeeper

-z,--zk_quorum <host:port,[host:port]*>

ZooKeeper quorum URL (zk1:port,zk2:port,…)

Following are some usage examples:

  • To dump the existing configs from ZooKeeper on the single-node vagrant machine: $METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m DUMP

  • To push the configs into ZooKeeper on the single-node vagrant machine: $METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m PUSH -i $METRON_HOME/config/zookeeper

  • To pull the configs from ZooKeeper to the single-node vagrant machine disk: $METRON_HOME/bin/zk_load_configs.sh -z node1:2181 -m PULL -o $METRON_HOME/config/zookeeper -f