Hortonworks Cybersecurity Platform
Also available as:
PDF
loading table of contents...

Install Profiler

Data scientists use the Profiler to describe the behavior of entities on a network. The first step in setting up a Profiler is to install it.

  1. Build the Metron RPMs (see Building the RPMs).
    You might have already built the Metron RPMs when core Metron was installed.
    $ find metron-deployment/ -name "metron-profiler*.rpm"
    metron-deployment//packaging/docker/rpm-docker/RPMS/noarch/metron-profiler-0.4.1-201707131420.noarch.rpm
    
  2. Copy the Profiler RPM to the installation host.
    The installation host must be the same host on which HCP was installed. Depending on how you installed HCP, the Profiler RPM might have already been copied to this host with the other HCP RPMs.
    [root@$METRON_HOME ~]# find /localrepo/ -name "metron-profiler*.rpm" /localrepo/metron-profiler-0.4.0-201707112313.noarch.rpm
  3. Install the RPM.
    [root@$METRON_HOME ~]# rpm -ivh metron-profiler-*.noarch.rpm
    Preparing...                ########################################### [100%]
       1:metron-profiler        ########################################### [100%]
    
    [root@$METRON_HOME ~]# rpm -ql metron-profiler
    /usr/metron
    /usr/metron/0.4.1
    /usr/metron/0.4.1/bin
    /usr/metron/0.4.1/bin/start_profiler_topology.sh
    /usr/metron/0.4.1/config
    /usr/metron/0.4.1/config/profiler.properties
    /usr/metron/0.4.1/flux
    /usr/metron/0.4.1/flux/profiler
    /usr/metron/0.4.1/flux/profiler/remote.yaml
    /usr/metron/0.4.1/lib
    /usr/metron/0.4.1/lib/metron-profiler-0.4.0-uber.jar
    
  4. Create a table within HBase that will store the profile data. By default, the table is named profiler with a column family P.
    $ /usr/hdp/current/hbase-client/bin/hbase shell
    hbase(main):001:0> create 'profiler', 'P'
    
    The table name and column family must match the Profiler's configuration (see Configuring the Profiler).
  5. Edit the configuration file located at $METRON_HOME/config/profiler.properties.
    kafka.zk=node1:2181
    kafka.broker=node1:6667
    
    Change kafka.zk to refer to ZooKeeper in your environment.
    Change kafka.broker to refer to a Kafka Broker in your environment.
  6. Start the Profiler topology.
    $ cd $METRON_HOME
    $ bin/start_profiler_topology.sh
    
    At this point the Profiler is running and consuming telemetry messages. We have not defined any profiles yet, so it is not doing anything very useful. The next section walks you through the steps to create your very first "Hello, World!" profile.