X-Mailer: ASF-Git Admin Mailer Subject: [04/39] metron git commit: METRON-1607 update public web site to point at 0.5.0 new release (justinleet) closes apache/metron#1053 http://git-wip-us.apache.org/repos/asf/metron/blob/ae1d3eb9/site/current-book/metron-sensors/pycapa/index.html ---------------------------------------------------------------------- diff --git a/site/current-book/metron-sensors/pycapa/index.html b/site/current-book/metron-sensors/pycapa/index.html index 8c46464..f81aee9 100644 --- a/site/current-book/metron-sensors/pycapa/index.html +++ b/site/current-book/metron-sensors/pycapa/index.html @@ -1,313 +1,199 @@ - + Metron – Pycapa - + - - - - - - - - - - - - - - -

- -

+ + + + +

Apache/

Metron/

Documentation/

Pycapa

| Last Published: 2018-06-07

Version: 0.5.0

- -

- - -

User Documentation
- - - - Metron -
- - - - - Upgrading -
- - - - - Analytics -
- - - - - Docker -
- - - - - Deployment -
- - - - - Alerts -
- - - - - Config -
- - - - - Rest -
- - - - - Platform -
- - - - - Sensors -
  - - - - - Fastcapa -
  - - - Pycapa -
  -
- - - - - Stellar-3rd-party-example -
- - - - - Stellar-common -
- - - - - Use-cases -
-

- - - -

- -

User Documentation
Metron +
- CONTRIBUTING
- Upgrading
- Analytics
- Docker
- Performance
- Deployment
- Alerts
- Config
- Rest
- Platform
- Sensors +
  - Fastcapa
  - Pycapa
  +
- Stellar-3rd-party-example
- Stellar-common
- Stellar-zeppelin
- Use-cases
+

- - -

- -

Pycapa

+ +

Pycapa

Overview
Installation
Usage -
- Parameters
- Examples
- Kerberos

FAQs

Overview

Pycapa performs network packet capture, both off-the-wire and from a Kafka topic, which is useful for the testing and development of Apache Metron. It is not intended for production use. The tool will capture packets from a specified interface and push them into a Kafka Topic. The tool can also do the reverse. It can consume packets from Kafka and reconstruct each network packet. This can then be used to create a libpcap-compliant file or even to feed directly into a tool like Wireshark to monitor ongoing activity.

Installation

General notes on the installation of Pycapa.

Python 2.7 is required.
The following package dependencies are required and can be installed automatically with pip. -
- confluent-kafka-python
- pcapy

These instructions can be used directly on CentOS 7+.

Other Linux distributions that come with Python 2.7 can use these instructions with some minor modifications.

Older distributions, like CentOS 6, that come with Python 2.6 installed, should install Python 2.7 within a virtual environment and then run Pycapa from within the virtual environment.

-
Install system dependencies including the core development tools, Python libraries and header files, and Libpcap libraries and header files. On CentOS 7+, you can install these requirements with the following command.
- -
-
-
```
   yum -y install "@Development tools" python-devel libpcap-devel
-
```

Install system dependencies including the core development tools, Python libraries and header files, and Libpcap libraries and header files. On CentOS 7+, you can install these requirements with the following command.

yum -y install "@Development tools" python-devel libpcap-devel
+

Install Librdkafka at your chosen $PREFIX.

- -

   export PREFIX=/usr
-   wget https://github.com/edenhill/librdkafka/archive/v0.9.4.tar.gz  -O - | tar -xz
-   cd librdkafka-0.9.4/
-   ./configure --prefix=$PREFIX
-   make
-   make install
-

export PREFIX=/usr
+wget https://github.com/edenhill/librdkafka/archive/v0.9.4.tar.gz   -O - | tar -xz
+cd librdkafka-0.9.4/
+./configure --prefix=$PREFIX
+make
+make install
+

Add Librdkafka to the dynamic library load path.

- -

echo "$PREFIX/lib" >> /etc/ld.so.conf.d/pycapa.conf
+
+
+
+echo "$PREFIX/lib" >> /etc/ld.so.conf.d/pycapa.conf
 ldconfig -v
-

Install Pycapa. This assumes that you already have the Metron source code on the host.

- -

cd metron/metron-sensors/pycapa + +

Install Pycapa. This assumes that you already have the Metron source code on the host.

+ +

cd metron/metron-sensors/pycapa
 pip install -r requirements.txt
 python setup.py install
-

Usage

Pycapa has two primary runtime modes.

-
Producer Mode: Pycapa can capture packets from a network interface and forward those packets to a Kafka topic. Pycapa embeds the raw network packet data in the Kafka message body. The message key contains the timestamp indicating when the packet was captured in microseconds from the epoch, in network byte order.

Producer Mode: Pycapa can capture packets from a network interface and forward those packets to a Kafka topic. Pycapa embeds the raw network packet data in the Kafka message body. The message key contains the timestamp indicating when the packet was captured in microseconds from the epoch, in network byte order.

-
Consumer Mode: Pycapa can also perform the reverse operation. It can consume packets from Kafka and reconstruct each network packet. This can then be used to create a libpcap-compliant file or even to feed directly into a tool like Wireshark to monitor activity.

Consumer Mode: Pycapa can also perform the reverse operation. It can consume packets from Kafka and reconstruct each network packet. This can then be used to create a libpcap-compliant file or even to feed directly into a tool like Wireshark to monitor activity.

Parameters

$ pycapa --help
+
+
+$ pycapa --help
 usage: pycapa [-h] [-p] [-c] [-k KAFKA_BROKERS] [-t KAFKA_TOPIC]
               [-o {begin,end,stored}] [-i NETWORK_IFACE] [-m MAX_PACKETS]
               [-pp PRETTY_PRINT] [-ll LOG_LEVEL] [-X KAFKA_CONFIGS]
@@ -335,16 +221,17 @@ optional arguments:
   -s SNAPLEN, --snaplen SNAPLEN
                         capture only the first X bytes of each packet;
                         default=65535
-

Examples

Example 1

Capture 10 packets from the eth0 network interface and forward those to a Kafka topic called pcap running on localhost:9092. The process will not terminate until all messages have been delivered to Kafka.

$ pycapa --producer \
+
+
+$ pycapa --producer \
     --interface eth0 \
     --kafka-broker localhost:9092 \
     --kafka-topic pcap \
@@ -353,14 +240,15 @@ INFO:root:Connecting to Kafka; {'bootstrap.servers': 'localhost:9092', 'group.id
 INFO:root:Starting packet capture
 INFO:root:Waiting for '6' message(s) to flush
 INFO:root:'10' packet(s) in, '10' packet(s) out
-

Example 2

Capture packets until SIGINT is received (the interrupt signal sent when entering CTRL-C in the console.) In this example, nothing will be reported as packets are captured and delivered to Kafka. Simply wait a few seconds, then type CTRL-C and the number of packets will be reported.

$ pycapa --producer \
+
+
+$ pycapa --producer \
     --interface en0 \
     --kafka-broker localhost:9092 \
     --kafka-topic pcap
@@ -370,14 +258,15 @@ INFO:root:Starting packet capture
 INFO:root:Clean shutdown process started
 INFO:root:Waiting for '2' message(s) to flush
 INFO:root:'21' packet(s) in, '21' packet(s) out
-

Example 3

While capturing packets, output diagnostic information every 5 packets. Diagnostics will report when packets have been received from the network interface and when they have been successfully delivered to Kafka.

$ pycapa --producer \
+
+
+$ pycapa --producer \
     --interface eth0 \
     --kafka-broker localhost:9092 \
     --kafka-topic pcap \
@@ -399,37 +288,39 @@ INFO:root:'21' packet(s) in, '21' packet(s) out
   INFO:root:Waiting for '1' message(s) to flush
   INFO:root:'27' packet(s) in, '27' packet(s) out
 
-

Example 4

Consume 10 packets and create a libpcap-compliant pcap file.

  $ pycapa --consumer \
-      --kafka-broker localhost:9092 \
-      --kafka-topic pcap \
-      --max-packets 10 \
-      > out.pcap
-  $ tshark -r out.pcap
-      1   0.000000 199.193.204.147 → 192.168.0.3  TLSv1.2 151 Application Data
-      2   0.000005 199.193.204.147 → 192.168.0.3  TLSv1.2 1191 Application Data
-      3   0.000088  192.168.0.3 → 199.193.204.147 TCP 66 54788 → 443 [ACK] Seq=1 Ack=86 Win=4093 Len=0 TSval=961284465 TSecr=943744612
-      4   0.000089  192.168.0.3 → 199.193.204.147 TCP 66 54788 → 443 [ACK] Seq=1 Ack=1211 Win=4058 Len=0 TSval=961284465 TSecr=943744612
-      5   0.948788  192.168.0.3 → 192.30.253.125 TCP 54 54671 → 443 [ACK] Seq=1 Ack=1 Win=4096 Len=0
-      6   1.005175 192.30.253.125 → 192.168.0.3  TCP 66 [TCP ACKed unseen segment] 443 → 54671 [ACK] Seq=1 Ack=2 Win=31 Len=0 TSval=2658544467 TSecr=961240339
-      7   1.636312 fe80::1286:8cff:fe0e:65df → ff02::1      ICMPv6 134 Router Advertisement from 10:86:8c:0e:65:df
-      8   2.253052 192.175.27.112 → 192.168.0.3  TLSv1.2 928 Application Data
-      9   2.253140  192.168.0.3 → 192.175.27.112 TCP 66 55078 → 443 [ACK] Seq=1 Ack=863 Win=4069 Len=0 TSval=961286699 TSecr=967172238
-     10   2.494769  192.168.0.3 → 224.0.0.251  MDNS 82 Standard query 0x0000 PTR _googlecast._tcp.local, "QM" question
-

    $ pycapa --consumer \
+        --kafka-broker localhost:9092 \
+        --kafka-topic pcap \
+        --max-packets 10 \
+        > out.pcap
+    $ tshark -r out.pcap
+        1   0.000000 199.193.204.147 → 192.168.0.3  TLSv1.2 151   Application Data
+        2   0.000005 199.193.204.147 → 192.168.0.3  TLSv1.2 1191   Application Data
+        3   0.000088  192.168.0.3 → 199.193.204.147 TCP 66 54788 → 443   [ACK] Seq=1 Ack=86 Win=4093 Len=0 TSval=961284465 TSecr=943744612
+        4   0.000089  192.168.0.3 → 199.193.204.147 TCP 66 54788 → 443   [ACK] Seq=1 Ack=1211 Win=4058 Len=0 TSval=961284465 TSecr=943744612
+        5   0.948788  192.168.0.3 → 192.30.253.125 TCP 54 54671 → 443   [ACK] Seq=1 Ack=1 Win=4096 Len=0
+        6   1.005175 192.30.253.125 → 192.168.0.3  TCP 66 [TCP ACKed unseen segment] 443 → 54671 [ACK] Seq=1 Ack=2 Win=31 Len=0 TSval=2658544467 TSecr=961240339
+        7   1.636312 fe80::1286:8cff:fe0e:65df → ff02::1      ICMPv6 134 Router Advertisement from 10:86:8c:0e:65:df
+        8   2.253052 192.175.27.112 → 192.168.0.3  TLSv1.2 928 Application Data
+        9   2.253140  192.168.0.3 → 192.175.27.112 TCP 66 55078 → 443 [ACK] Seq=1 Ack=863 Win=4069 Len=0 TSval=961286699 TSecr=967172238
+       10   2.494769  192.168.0.3 → 224.0.0.251  MDNS 82 Standard query 0x0000 PTR _googlecast._tcp.local, "QM" question
+

Example 5

Consume 10 packets from the Kafka topic pcap running on localhost:9092, then pipe those into Wireshark for DPI.

$ pycapa --consumer \
+
+
+$ pycapa --consumer \
     --kafka-broker localhost:9092 \
     --kafka-topic pcap \
     --max-packets 10 \
@@ -446,59 +337,58 @@ Capturing on 'Standard input'
     9   2.083872 192.30.253.125 → 192.168.0.3  TCP 66 443 → 54671 [ACK] Seq=32 Ack=36 Win=31 Len=0 TSval=2658503087 TSecr=961120495
    10   3.173189 fe80::1286:8cff:fe0e:65df → ff02::1      ICMPv6 134 Router Advertisement from 10:86:8c:0e:65:df
 10 packets captured
-

Kerberos

The probe can be used in a Kerberized environment. Follow these additional steps to use Pycapa with Kerberos. The following assumptions have been made. These may need altered to fit your environment.

- +

The probe can be used in a Kerberized environment. Follow these additional steps to use Pycapa with Kerberos. The following assumptions have been made. These may need altered to fit your environment.

The Kafka broker is at kafka1:6667
Zookeeper is at zookeeper1:2181
The Kafka security protocol is SASL_PLAINTEXT
The keytab used is located at /etc/security/keytabs/metron.headless.keytab
The service principal is metron@EXAMPLE.COM

Build Librdkafka with SASL support (--enable-sasl) and install at your chosen $PREFIX.

- -

wget https://github.com/edenhill/librdkafka/archive/v0.9.4.tar.gz  -O - | tar -xz
+
+
+
+wget https://github.com/edenhill/librdkafka/archive/v0.9.4.tar.gz  -O - | tar -xz
 cd librdkafka-0.9.4/
 ./configure --prefix=$PREFIX --enable-sasl
 make
 make install
-

Validate Librdkafka does indeed support SASL. Run the following command and ensure that sasl is returned as a built-in feature.

- -

$ examples/rdkafka_example -X builtin.features + +

Validate Librdkafka does indeed support SASL. Run the following command and ensure that sasl is returned as a built-in feature.

+ +

$ examples/rdkafka_example -X builtin.features
 builtin.features = gzip,snappy,ssl,sasl,regex

If it is not, ensure that you have libsasl or libsasl2 installed. On CentOS, this can be installed with the following command.

- -

yum install -y cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi
-

- + +

If it is not, ensure that you have libsasl or libsasl2 installed. On CentOS, this can be installed with the following command.

+ +

yum install -y cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi
+

Grant access to your Kafka topic. In this example the topic is simply named pcap.

- -

${KAFKA_HOME}/bin/kafka-acls.sh \
+
+Grant access to your Kafka topic.  In this example the topic is simply named pcap.
+
+
+
+${KAFKA_HOME}/bin/kafka-acls.sh \
   --authorizer kafka.security.auth.SimpleAclAuthorizer \
   --authorizer-properties zookeeper.connect=zookeeper1:2181 \
   --add \
@@ -510,65 +400,60 @@ ${KAFKA_HOME}/bin/kafka-acls.sh \
   --add \
   --allow-principal User:metron \
   --group pycapa
-

- + +

Use Pycapa as you normally would, but append the following three additional parameters

security.protocol
sasl.kerberos.keytab
sasl.kerberos.principal

- -

  $ pycapa --producer \
-  --interface eth0 \
-  --kafka-broker kafka1:6667 \
-  --kafka-topic pcap --max-packets 10 \
-  -X security.protocol=SASL_PLAINTEXT \
-  -X sasl.kerberos.keytab=/etc/security/keytabs/metron.headless.keytab \
-  -X sasl.kerberos.principal=metron-metron@METRONEXAMPLE.COM
-  INFO:root:Connecting to Kafka; {'sasl.kerberos.principal': 'metron-metron@METRONEXAMPLE.COM', 'group.id': 'ORNLVWJZZUAA', 'security.protocol': 'SASL_PLAINTEXT', 'sasl.kerberos.keytab': '/etc/security/keytabs/metron.headless.keytab', 'bootstrap.servers': 'kafka1:6667'}
-  INFO:root:Starting packet capture
-  INFO:root:Waiting for '1' message(s) to flush
-  INFO:root:'10' packet(s) in, '10' packet(s) out
-

sasl.kerberos.principal + +

$ pycapa --producer \
+    --interface eth0 \
+    --kafka-broker kafka1:6667 \
+    --kafka-topic pcap --max-packets 10 \
+    -X security.protocol=SASL_PLAINTEXT \
+    -X sasl.kerberos.keytab=/etc/security/keytabs/metron.headless  .keytab \
+    -X sasl.kerberos.principal=metron-metron@METRONEXAMPLE.COM
+INFO:root:Connecting to Kafka; {'sasl.kerberos.principal':   'metron-metron@METRONEXAMPLE.COM', 'group.id': 'ORNLVWJZZUAA',   'security.protocol': 'SASL_PLAINTEXT', 'sasl.kerberos.keytab':   '/etc/security/keytabs/metron.headless.keytab', 'bootstrap.servers': 'kafka1:6667'}
+INFO:root:Starting packet capture
+INFO:root:Waiting for '1' message(s) to flush
+INFO:root:'10' packet(s) in, '10' packet(s) out
+

+ +

FAQs

How do I get more logs?

Use the following two command-line arguments to get detailed logging.

-X debug=all --log-level DEBUG
-

-X debug=all --log-level DEBUG
+

When I run Pycapa against a Kafka broker with Kerberos enabled, why do I get an error like “No such configuration property: ‘sasl.kerberos.principal’”?

This can be a confusing error message because sasl.kerberos.principal is indeed a valid property for librdkafka as defined here. This is most likely because Pycapa is running against a version of Librdkafka without SASL support enabled. This might happen if you have accidentally installed multiple versions of Librdkafka and Pycapa is unexpectedly using the version without SASL support enabled.

When I run Pycapa against a Kafka broker with Kerberos enabled, why do I get an error like “No such configuration property: ‘sasl.kerberos.principal’”?

Bottom Line: Make sure that Pycapa is running against a version of Librdkafka with SASL support enabled.

- - - - + + +

- http://git-wip-us.apache.org/repos/asf/metron/blob/ae1d3eb9/site/current-book/metron-stellar/stellar-3rd-party-example/index.html ---------------------------------------------------------------------- diff --git a/site/current-book/metron-stellar/stellar-3rd-party-example/index.html b/site/current-book/metron-stellar/stellar-3rd-party-example/index.html index d60a128..4e19e16 100644 --- a/site/current-book/metron-stellar/stellar-3rd-party-example/index.html +++ b/site/current-book/metron-stellar/stellar-3rd-party-example/index.html @@ -1,211 +1,108 @@ - + Metron – Introduction - + - - - - - - - - - - - - - - -

- -

+ + + + +

Apache/

Metron/

Documentation/

Introduction

| Last Published: 2018-06-07

Version: 0.5.0

- -

- - -

User Documentation
- - - - Metron -
- - - - - Upgrading -
- - - - - Analytics -
- - - - - Docker -
- - - - - Deployment -
- - - - - Alerts -
- - - - - Config -
- - - - - Rest -
- - - - - Platform -
- - - - - Sensors -
- - - Stellar-3rd-party-example -
- - - - - Stellar-common -
- - - - - Use-cases -
-

- - - -

- -

- - -

- -

Introduction

This is just a sample 3rd party stellar function (which is used in our unit testing). If Stellar changes its API (e.g. the annotation changes classes), then this will need to be built and the output jar of this (in target) will need to be placed in ../stellar-common/src/test/classpath-resources/.

User Documentation
Metron +
- CONTRIBUTING
- Upgrading
- Analytics
- Docker
- Performance
- Deployment
- Alerts
- Config
- Rest
- Platform
- Sensors
- Stellar-3rd-party-example
- Stellar-common
- Stellar-zeppelin
- Use-cases
+

+ +

Introduction

http://git-wip-us.apache.org/repos/asf/metron/blob/ae1d3eb9/site/current-book/metron-stellar/stellar-common/3rdPartyStellar.html ---------------------------------------------------------------------- diff --git a/site/current-book/metron-stellar/stellar-common/3rdPartyStellar.html b/site/current-book/metron-stellar/stellar-common/3rdPartyStellar.html index eb9e054..88d7ac6 100644 --- a/site/current-book/metron-stellar/stellar-common/3rdPartyStellar.html +++ b/site/current-book/metron-stellar/stellar-common/3rdPartyStellar.html @@ -1,216 +1,114 @@ - + Metron – Custom Stellar Functions - + - - - - - - - - - - - - - - -

- -

+ + + + +

Apache/

Metron/

Documentation/

Custom Stellar Functions

| Last Published: 2018-06-07

Version: 0.5.0

- -

- - -

User Documentation
- - - - Metron -
- - - - - Upgrading -
- - - - - Analytics -
- - - - - Docker -
- - - - - Deployment -
- - - - - Alerts -
- - - - - Config -
- - - - - Rest -
- - - - - Platform -
- - - - - Sensors -
- - - - - Stellar-3rd-party-example -
- - - - - Stellar-common -
  - - - 3rdPartyStellar -
  -
- - - - - Use-cases -
-

- - - -

- -

User Documentation
Metron +
- CONTRIBUTING
- Upgrading
- Analytics
- Docker
- Performance
- Deployment
- Alerts
- Config
- Rest
- Platform
- Sensors
- Stellar-3rd-party-example
- Stellar-common +
  - 3rdPartyStellar
  +
- Stellar-zeppelin
- Use-cases
+

- - -

- -

Custom Stellar Functions

+ +

Custom Stellar Functions

Metron is fundamentally a programmable, extensible system and Stellar is the extension language. We have some great Stellar functions available out of the box and we’ll be adding more over time, but they may not quite scratch quite your particular itch.

Of course, we’d love to have your contribution inside of Metron if you think it general purpose enough, but not every function is general-purpose or it may rely on libraries those licenses aren’t acceptable for an Apache project. In that case, then you will be wondering how to add your custom function to a running instance of Metron.

Building Your Own Function

Let’s say that I need a function that returns the current time in milliseconds since the epoch. I notice that there’s nothing like that currently in Metron, so I embark on the adventure of adding it for my cluster.

I will presume that you have an installed Metron into your local maven repo via mvn install . In the future, when we publish to a maven repo, you will not need this. I will depend on 0.4.2 for the purpose of this demonstration

Hack, Hack, Hack

I like to use Maven, so we’ll use that for this demonstration, but you can use whatever build system that you like. Here’s my favorite way to build a project with groupId com.mycompany.stellar and artifactId of tempus mvn archetype:create -DgroupId=com.mycompany.stellar -DartifactId=tempus -DarchetypeArtifactId=maven-archetype-quickstart

Hack, Hack, Hack

First, we should depend on metron-common and we can do that by adjusting the pom.xml just created:

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   
@@ -243,11 +141,12 @@
   </dependencies>
 </project>
 
+
 Let’s add our implementation in src/main/java/com/mycompany/stellar/TimeFunctions.java with the following content:
 
-
-
-package com.notmetron.stellar;
+
+
+package com.notmetron.stellar;
     
 import org.apache.metron.stellar.dsl.Context;
 import org.apache.metron.stellar.dsl.ParseException;
@@ -276,6 +175,7 @@ public class TimeFunction {
   }
 }
 
+
 Now we can build the project via mvn package which will create a target/tempus-1.0-SNAPSHOT.jar file.
 
 Install the Function
@@ -283,26 +183,22 @@ public class TimeFunction {
 
 Deploy the Jar
 First you need to place the jar in HDFS, if we have it on an access node, one way to do that is:
-
 
-  
+
 hadoop fs -put tempus-1.0-SNAPSHOT.jar /apps/metron/stellar This presumes that:
-  
 you’ve standardized on /apps/metron/stellar as the location for custom jars
-  
 you are running the command from an access node with the hadoop command installed
-  
 you are running from a user that has write access to /apps/metron/stellar
 
 
 Set Global Config
 You may not need this if your Metron administrator already has this setup.
-With that dispensed with, we need to ensure that Metron knows to look at that location. We need to ensure that the stellar.function.paths property in the global.json is in place that makes Metron aware to look for Stellar functions in /apps/metron/stellar on HDFS. 
+With that dispensed with, we need to ensure that Metron knows to look at that location. We need to ensure that the stellar.function.paths property in the global.json is in place that makes Metron aware to look for Stellar functions in /apps/metron/stellar on HDFS.
 This property looks like, the following for a vagrant install
 
-
-
-{
+
+
+{
   "es.clustername": "metron",
   "es.ip": "node1",
   "es.port": "9300",
@@ -310,21 +206,23 @@ public class TimeFunction {
   "stellar.function.paths" : "hdfs://node1:8020/apps/metron/stellar/.*.jar",
 }
 
+
 The stellar.function.paths property takes a comma separated list of URIs or URIs with regex expressions at the end. Also, note path is prefaced by the HDFS default name, which, if you do not know, can be found by executing, hdfs getconf -confKey fs.default.name, such as
 
-
-
-[root@node1 ~]# hdfs getconf -confKey fs.default.name
+
+
+[root@node1 ~]# hdfs getconf -confKey fs.default.name
 hdfs://node1:8020
-
+
+
 
 Use the Function
 Now that we have deployed the function, if we want to use it, any running topologies that use Stellar will need to be restarted.
 Beyond that, let’s take a look at it in the REPL:
 
-
-
-Stellar, Go!
+
+
+Stellar, Go!
 Please note that functions are loading lazily in the background and will be unavailable until loaded fully.
 {es.clustername=metron, es.ip=node1, es.port=9300, es.date.format=yyyy.MM.dd.HH, stellar.function.paths=hdfs://node1:8020/apps/metron/stellar/.*.jar, profiler.client.period.duration=1, profiler.client.period.duration.units=MINUTES}
 [Stellar]>>> # Get the help for NOW
@@ -339,23 +237,17 @@ Returns: Timestamp
 1488400515655
 [Stellar]>>> # Looks like I got a timestamp, success!
 
-                  
-            
-

- +