Installation

Installing Solr

If you are using Apache Solr, install it using the Ambari HDP Search management pack.

  1. Install the Ambari HDP Search Management pack.

    For instructions on downloading and using the Ambari HDP Search management pack, see Apache Solr Search Installation.

  2. In Ambari, navigate to the Metron Indexing Settings tab.

  3. Append /solr to the end of the host information in Solr ZooKeeper Urls.

  4. Copy the Metron schema files located at $METRON_HOME/config/schema to the Solr node.

  5. Set the SOLR_HOME and SOLR_USER environment variables. In HDP Search, the SOLR_HOME path is /opt/lucidworks-hdpsearch/solr/.

    export SOLR_HOME=/opt/lucidworks-hdpsearch/solr/
    export SOLR_USER=solr

  6. Create a collection for error and metaalert:

    su $SOLR_USER -c "$SOLR_HOME/bin/solr create -c error -d $METRON_HOME/config/schema/error/"
    su $SOLR_USER -c "$SOLR_HOME/bin/solr create -c metaalert -d $METRON_HOME/config/schema/metaalert/"
    
  7. Create a collection for each of the sensors you are running.

    For example, to create a collection for bro, snort, and yaf:

    su $SOLR_USER -c "$SOLR_HOME/bin/solr create -c bro -d $METRON_HOME/config/schema/bro/"
    su $SOLR_USER -c "$SOLR_HOME/bin/solr create -c snort -d $METRON_HOME/config/schema/snort/"
    su $SOLR_USER -c "$SOLR_HOME/bin/solr create -c yaf -d $METRON_HOME/config/schema/yaf/"

  8. Pull all configurations from ZooKeeper to the Metron config directory:

    $METRON_HOME/bin/zk_load_configs.sh -m PULL -z $ZOOKEEPER -o $METRON_HOME/config/zookeeper -f

  9. Add "source.type.field" : "source.type" to the global.json file located at $METRON_HOME/config/zookeeper/global.json.

    $METRON_HOME/bin/zk_load_configs.sh -m PULL -z $ZOOKEEPER -i $METRON_HOME/config/zookeeper -f
    

    The global.json file should look similar to:

    {
      "es.clustername" : "metron",
      "es.ip" : "blah:9300",
      "es.date.format" : "yyyy.MM.dd.HH",
      "parser.error.topic" : "indexing",
      "update.hbase.table" : "metron_update",
      "update.hbase.cf" : "t",
      "es.client.settings" : {
        "client.transport.ping_timeout" : "500s"
      },
      "solr.zookeeper" : "ip-10-0-0-164.us-west-1.compute.internal:2181/solr",
      "source.type.field" : "source.type",
      "profiler.client.period.duration" : "15",
      "profiler.client.period.duration.units" : "MINUTES",
      "user.settings.hbase.table" : "user_settings",
      "user.settings.hbase.cf" : "cf",
      "geo.hdfs.file" : "/apps/metron/geo/default/GeoLite2-City.mmdb.gz"
    }

  10. Push the configuration to ZooKeeper:

    $METRON_HOME/bin/zk_load_configs.sh -m PUSH -z $ZOOKEEPER -i $METRON_HOME/config/zookeeper

  11. Stop and restart Solr.

  12. From Ambari, select Metron from the components panel.

  13. If it is not already selected, click the Configs tab, then click the Indexing tab.

  14. Choose Solr in the Index Writer - Random Access pull-down menu.

  15. Click Save.

  16. From Ambari, stop and restart the Metron Alerts user interface.

  17. From Ambari, stop and restart Metron REST.
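
A pre-push check for steps 9 and 10, as an added example that is not part of the original documentation: it sets source.type.field in the pulled global.json text, rejects malformed JSON and duplicate keys, and confirms that solr.zookeeper carries the /solr suffix from step 3 once, at the end of the connection string. The function names and the sample host name are assumptions made for illustration.

```python
import json

SOURCE_TYPE = ("source.type.field", "source.type")  # setting from step 9
SOLR_CHROOT = "/solr"  # suffix from step 3
# Constructed sample input; the host name is a placeholder.
SAMPLE = '{"es.clustername": "metron", "solr.zookeeper": "zk1.example.com:2181/solr"}'


def _reject_duplicates(pairs):
    """object_pairs_hook: fail on repeated keys, which json would silently collapse."""
    seen = {}
    for key, value in pairs:
        if key in seen:
            raise ValueError(f"duplicate key in global.json: {key!r}")
        seen[key] = value
    return seen


def check_zookeeper_url(url):
    """Return a list of problems found in a solr.zookeeper connection string."""
    problems = []
    hosts, slash, chroot = url.partition("/")
    # The chroot follows the whole comma-separated host list, not each host.
    if slash + chroot != SOLR_CHROOT:
        problems.append(f"solr.zookeeper must end with a single {SOLR_CHROOT}: {url!r}")
    if any(not entry.strip() for entry in hosts.split(",")):
        problems.append(f"empty host entry in solr.zookeeper: {url!r}")
    return problems


def prepare_global_config(text):
    """Parse global.json text, apply the step 9 setting, and validate it.

    Returns (updated_json_text, problems). Raises ValueError on malformed
    JSON or duplicate keys, so a broken file is caught before the PUSH step.
    """
    config = json.loads(text, object_pairs_hook=_reject_duplicates)
    key, value = SOURCE_TYPE
    config[key] = value
    zk = config.get("solr.zookeeper")
    ok = isinstance(zk, str) and zk
    problems = check_zookeeper_url(zk) if ok else ["solr.zookeeper is not set"]
    return json.dumps(config, indent=2), problems


if __name__ == "__main__":
    updated, problems = prepare_global_config(SAMPLE)
    print(updated)
    print(problems or "ok to push")
```

Write the returned text back to global.json and run the PUSH command from step 10 only when the problems list is empty.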