Example 1 with ZKServerComponent
use of org.apache.metron.integration.components.ZKServerComponent in project metron by apache.
the class ZKConfigurationsCacheIntegrationTest method setup.
@Before
public void setup() throws Exception {
zkComponent = new ZKServerComponent();
zkComponent.start();
client = ConfigurationsUtils.getClient(zkComponent.getConnectionString());
client.start();
cache = new ZKConfigurationsCache(client);
cache.start();
{
// parser
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(TestConstants.PARSER_CONFIGS_PATH + "/parsers/bro.json")));
ConfigurationsUtils.writeSensorParserConfigToZookeeper("bro", config, client);
}
{
// indexing
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(TestConstants.SAMPLE_CONFIG_PATH + "/indexing/test.json")));
ConfigurationsUtils.writeSensorIndexingConfigToZookeeper("test", config, client);
}
{
// enrichments
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(TestConstants.SAMPLE_CONFIG_PATH + "/enrichments/test.json")));
ConfigurationsUtils.writeSensorEnrichmentConfigToZookeeper("test", config, client);
}
{
// enrichments
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(TestConstants.SAMPLE_CONFIG_PATH + "/enrichments/test.json")));
ConfigurationsUtils.writeSensorEnrichmentConfigToZookeeper("test", config, client);
}
{
// profiler
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(profilerDir, "/readme-example-1/profiler.json")));
ConfigurationsUtils.writeProfilerConfigToZookeeper(config, client);
}
{
// global config
byte[] config = IOUtils.toByteArray(new FileInputStream(new File(TestConstants.SAMPLE_CONFIG_PATH + "/global.json")));
ConfigurationsUtils.writeGlobalConfigToZookeeper(config, client);
}
}
Also used :
ZKServerComponent(org.apache.metron.integration.components.ZKServerComponent)
File(java.io.File)
FileInputStream(java.io.FileInputStream)
Example 2 with ZKServerComponent
use of org.apache.metron.integration.components.ZKServerComponent in project metron by apache.
the class MaasIntegrationTest method setupBeforeClass.
@BeforeClass
public static void setupBeforeClass() throws Exception {
UnitTestHelper.setJavaLoggingLevel(Level.SEVERE);
LOG.info("Starting up YARN cluster");
zkServerComponent = new ZKServerComponent();
yarnComponent = new YarnComponent().withApplicationMasterClass(ApplicationMaster.class).withTestName(MaasIntegrationTest.class.getSimpleName());
runner = new ComponentRunner.Builder().withComponent("yarn", yarnComponent).withComponent("zk", zkServerComponent).withMillisecondsBetweenAttempts(15000).withNumRetries(10).build();
runner.start();
String zookeeperUrl = zkServerComponent.getConnectionString();
RetryPolicy retryPolicy = new ExponentialBackoffRetry(1000, 3);
client = CuratorFrameworkFactory.newClient(zookeeperUrl, retryPolicy);
client.start();
}
Also used :
ExponentialBackoffRetry(org.apache.curator.retry.ExponentialBackoffRetry)
ZKServerComponent(org.apache.metron.integration.components.ZKServerComponent)
YarnComponent(org.apache.metron.integration.components.YarnComponent)
RetryPolicy(org.apache.curator.RetryPolicy)
BeforeClass(org.junit.BeforeClass)
Example 3 with ZKServerComponent
use of org.apache.metron.integration.components.ZKServerComponent in project metron by apache.
the class PcapTopologyIntegrationTest method testTopology.
public void testTopology(Function<Properties, Void> updatePropertiesCallback, SendEntries sendPcapEntriesCallback, boolean withHeaders) throws Exception {
if (!new File(topologiesDir).exists()) {
topologiesDir = UnitTestHelper.findDir("topologies");
}
targetDir = UnitTestHelper.findDir("target");
final File outDir = getOutDir(targetDir);
final File queryDir = getQueryDir(targetDir);
clearOutDir(outDir);
clearOutDir(queryDir);
File baseDir = new File(new File(targetDir), BASE_DIR);
// Assert.assertEquals(0, numFiles(outDir));
Assert.assertNotNull(topologiesDir);
Assert.assertNotNull(targetDir);
Path pcapFile = new Path("../metron-integration-test/src/main/sample/data/SampleInput/PCAPExampleOutput");
final List<Map.Entry<byte[], byte[]>> pcapEntries = Lists.newArrayList(readPcaps(pcapFile, withHeaders));
Assert.assertTrue(Iterables.size(pcapEntries) > 0);
final Properties topologyProperties = new Properties() {
{
setProperty("topology.workers", "1");
setProperty("topology.worker.childopts", "");
setProperty("spout.kafka.topic.pcap", KAFKA_TOPIC);
setProperty("kafka.pcap.start", "EARLIEST");
setProperty("kafka.pcap.out", outDir.getAbsolutePath());
setProperty("kafka.pcap.numPackets", "2");
setProperty("kafka.pcap.maxTimeMS", "200000000");
setProperty("kafka.pcap.ts_granularity", "NANOSECONDS");
setProperty("kafka.spout.parallelism", "1");
setProperty("topology.auto-credentials", "[]");
setProperty("kafka.security.protocol", "PLAINTEXT");
setProperty("hdfs.sync.every", "1");
setProperty("hdfs.replication.factor", "-1");
}
};
updatePropertiesCallback.apply(topologyProperties);
final ZKServerComponent zkServerComponent = getZKServerComponent(topologyProperties);
final KafkaComponent kafkaComponent = getKafkaComponent(topologyProperties, Collections.singletonList(new KafkaComponent.Topic(KAFKA_TOPIC, 1)));
final MRComponent mr = new MRComponent().withBasePath(baseDir.getAbsolutePath());
FluxTopologyComponent fluxComponent = new FluxTopologyComponent.Builder().withTopologyLocation(new File(topologiesDir + "/pcap/remote.yaml")).withTopologyName("pcap").withTopologyProperties(topologyProperties).build();
// UnitTestHelper.verboseLogging();
ComponentRunner runner = new ComponentRunner.Builder().withComponent("mr", mr).withComponent("zk", zkServerComponent).withComponent("kafka", kafkaComponent).withComponent("storm", fluxComponent).withMaxTimeMS(-1).withMillisecondsBetweenAttempts(2000).withNumRetries(10).withCustomShutdownOrder(new String[] { "storm", "kafka", "zk", "mr" }).build();
try {
runner.start();
fluxComponent.submitTopology();
sendPcapEntriesCallback.send(kafkaComponent, pcapEntries);
runner.process(new Processor<Void>() {
@Override
public ReadinessState process(ComponentRunner runner) {
int numFiles = numFiles(outDir, mr.getConfiguration());
int expectedNumFiles = pcapEntries.size() / 2;
if (numFiles == expectedNumFiles) {
return ReadinessState.READY;
} else {
return ReadinessState.NOT_READY;
}
}
@Override
public ProcessorResult<Void> getResult() {
return null;
}
});
PcapJob job = new PcapJob();
{
// Ensure that only two pcaps are returned when we look at 4 and 5
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(4, pcapEntries), getTimestamp(5, pcapEntries), 10, new HashMap<>(), new Configuration(), FileSystem.get(new Configuration()), new FixedPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 2);
}
{
// Ensure that only two pcaps are returned when we look at 4 and 5
// test with empty query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(4, pcapEntries), getTimestamp(5, pcapEntries), 10, "", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 2);
}
{
// ensure that none get returned since that destination IP address isn't in the dataset
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(1, pcapEntries), 10, new HashMap<String, String>() {
{
put(Constants.Fields.DST_ADDR.getName(), "207.28.210.1");
}
}, new Configuration(), FileSystem.get(new Configuration()), new FixedPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 0);
}
{
// ensure that none get returned since that destination IP address isn't in the dataset
// test with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(1, pcapEntries), 10, "ip_dst_addr == '207.28.210.1'", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 0);
}
{
// same with protocol as before with the destination addr
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(1, pcapEntries), 10, new HashMap<String, String>() {
{
put(Constants.Fields.PROTOCOL.getName(), "foo");
}
}, new Configuration(), FileSystem.get(new Configuration()), new FixedPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 0);
}
{
// same with protocol as before with the destination addr
// test with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(1, pcapEntries), 10, "protocol == 'foo'", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), 0);
}
{
// make sure I get them all.
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, new HashMap<>(), new Configuration(), FileSystem.get(new Configuration()), new FixedPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), pcapEntries.size());
}
{
// make sure I get them all.
// with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, "", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(Iterables.size(results), pcapEntries.size());
}
{
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, new HashMap<String, String>() {
{
put(Constants.Fields.DST_PORT.getName(), "22");
}
}, new Configuration(), FileSystem.get(new Configuration()), new FixedPcapFilter.Configurator());
assertInOrder(results);
Assert.assertTrue(Iterables.size(results) > 0);
Assert.assertEquals(Iterables.size(results), Iterables.size(filterPcaps(pcapEntries, new Predicate<JSONObject>() {
@Override
public boolean apply(@Nullable JSONObject input) {
Object prt = input.get(Constants.Fields.DST_PORT.getName());
return prt != null && prt.toString().equals("22");
}
}, withHeaders)));
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PcapMerger.merge(baos, Iterables.partition(results, 1).iterator().next());
Assert.assertTrue(baos.toByteArray().length > 0);
}
{
// test with query filter and byte array matching
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, "BYTEARRAY_MATCHER('2f56abd814bc56420489ca38e7faf8cec3d4', packet)", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertEquals(1, Iterables.size(results));
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PcapMerger.merge(baos, Iterables.partition(results, 1).iterator().next());
Assert.assertTrue(baos.toByteArray().length > 0);
}
{
// test with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, "ip_dst_port == 22", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertTrue(Iterables.size(results) > 0);
Assert.assertEquals(Iterables.size(results), Iterables.size(filterPcaps(pcapEntries, new Predicate<JSONObject>() {
@Override
public boolean apply(@Nullable JSONObject input) {
Object prt = input.get(Constants.Fields.DST_PORT.getName());
return prt != null && (Long) prt == 22;
}
}, withHeaders)));
assertInOrder(results);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PcapMerger.merge(baos, Iterables.partition(results, 1).iterator().next());
Assert.assertTrue(baos.toByteArray().length > 0);
}
{
// test with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, "ip_dst_port > 20 and ip_dst_port < 55792", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertTrue(Iterables.size(results) > 0);
Assert.assertEquals(Iterables.size(results), Iterables.size(filterPcaps(pcapEntries, new Predicate<JSONObject>() {
@Override
public boolean apply(@Nullable JSONObject input) {
Object prt = input.get(Constants.Fields.DST_PORT.getName());
return prt != null && ((Long) prt > 20 && (Long) prt < 55792);
}
}, withHeaders)));
assertInOrder(results);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PcapMerger.merge(baos, Iterables.partition(results, 1).iterator().next());
Assert.assertTrue(baos.toByteArray().length > 0);
}
{
// test with query filter
Iterable<byte[]> results = job.query(new Path(outDir.getAbsolutePath()), new Path(queryDir.getAbsolutePath()), getTimestamp(0, pcapEntries), getTimestamp(pcapEntries.size() - 1, pcapEntries) + 1, 10, "ip_dst_port > 55790", new Configuration(), FileSystem.get(new Configuration()), new QueryPcapFilter.Configurator());
assertInOrder(results);
Assert.assertTrue(Iterables.size(results) > 0);
Assert.assertEquals(Iterables.size(results), Iterables.size(filterPcaps(pcapEntries, new Predicate<JSONObject>() {
@Override
public boolean apply(@Nullable JSONObject input) {
Object prt = input.get(Constants.Fields.DST_PORT.getName());
return prt != null && (Long) prt > 55790;
}
}, withHeaders)));
assertInOrder(results);
ByteArrayOutputStream baos = new ByteArrayOutputStream();
PcapMerger.merge(baos, Iterables.partition(results, 1).iterator().next());
Assert.assertTrue(baos.toByteArray().length > 0);
}
System.out.println("Ended");
} finally {
runner.stop();
clearOutDir(outDir);
clearOutDir(queryDir);
}
}
Also used :
KafkaComponent(org.apache.metron.integration.components.KafkaComponent)
Configuration(org.apache.hadoop.conf.Configuration)
HashMap(java.util.HashMap)
ProcessorResult(org.apache.metron.integration.ProcessorResult)
MRComponent(org.apache.metron.integration.components.MRComponent)
ZKServerComponent(org.apache.metron.integration.components.ZKServerComponent)
Properties(java.util.Properties)
FluxTopologyComponent(org.apache.metron.integration.components.FluxTopologyComponent)
Predicate(com.google.common.base.Predicate)
ReadinessState(org.apache.metron.integration.ReadinessState)
ComponentRunner(org.apache.metron.integration.ComponentRunner)
Path(org.apache.hadoop.fs.Path)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
JSONObject(org.json.simple.JSONObject)
PcapJob(org.apache.metron.pcap.mr.PcapJob)
JSONObject(org.json.simple.JSONObject)
SequenceFile(org.apache.hadoop.io.SequenceFile)
File(java.io.File)
Nullable(javax.annotation.Nullable)
Example 4 with ZKServerComponent
use of org.apache.metron.integration.components.ZKServerComponent in project metron by apache.
the class BaseIntegrationTest method getZKServerComponent.
protected static ZKServerComponent getZKServerComponent(final Properties topologyProperties) {
return new ZKServerComponent().withPostStartCallback((zkComponent) -> {
topologyProperties.setProperty(ZKServerComponent.ZOOKEEPER_PROPERTY, zkComponent.getConnectionString());
topologyProperties.setProperty("kafka.zk", zkComponent.getConnectionString());
});
}
Also used :
ZKServerComponent(org.apache.metron.integration.components.ZKServerComponent)
Example 5 with ZKServerComponent
use of org.apache.metron.integration.components.ZKServerComponent in project metron by apache.
the class TestConfig method client.
@Bean(initMethod = "start", destroyMethod = "close")
public CuratorFramework client(ComponentRunner componentRunner) {
RetryPolicy retryPolicy = new ExponentialBackoffRetry(1000, 3);
ZKServerComponent zkServerComponent = componentRunner.getComponent("zk", ZKServerComponent.class);
return CuratorFrameworkFactory.newClient(zkServerComponent.getConnectionString(), retryPolicy);
}
Also used :
ExponentialBackoffRetry(org.apache.curator.retry.ExponentialBackoffRetry)
ZKServerComponent(org.apache.metron.integration.components.ZKServerComponent)
RetryPolicy(org.apache.curator.RetryPolicy)
Bean(org.springframework.context.annotation.Bean)
Aggregations
ZKServerComponent (org.apache.metron.integration.components.ZKServerComponent)9
KafkaComponent (org.apache.metron.integration.components.KafkaComponent)5
File (java.io.File)4
ConfigUploadComponent (org.apache.metron.enrichment.integration.components.ConfigUploadComponent)4
Test (org.junit.Test)4
ComponentRunner (org.apache.metron.integration.ComponentRunner)3
FluxTopologyComponent (org.apache.metron.integration.components.FluxTopologyComponent)3
HashMap (java.util.HashMap)2
Properties (java.util.Properties)2
RetryPolicy (org.apache.curator.RetryPolicy)2
ExponentialBackoffRetry (org.apache.curator.retry.ExponentialBackoffRetry)2
SensorParserConfig (org.apache.metron.common.configuration.SensorParserConfig)2
EnrichmentKey (org.apache.metron.enrichment.converter.EnrichmentKey)2
EnrichmentValue (org.apache.metron.enrichment.converter.EnrichmentValue)2
LookupKV (org.apache.metron.enrichment.lookup.LookupKV)2
MockHTable (org.apache.metron.hbase.mock.MockHTable)2
BaseIntegrationTest (org.apache.metron.integration.BaseIntegrationTest)2
ParserTopologyComponent (org.apache.metron.parsers.integration.components.ParserTopologyComponent)2
JSONObject (org.json.simple.JSONObject)2
Predicate (com.google.common.base.Predicate)1
