metron-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nick Allen <n...@nickallen.org>
Subject Re: Metron STIX/Taxii enrichment
Date Tue, 04 Oct 2016 16:53:19 GMT
Thanks, Anand.  I will try and replicate the problem and validate your fix.

Did you want to submit a PR for that fix?  I'd like you to get credit for
the work that you did.  If you would prefer not to, I can create the PR.
It is up to you.

On Tue, Oct 4, 2016 at 12:44 PM, Anand Subramanian <
asubramanian@hortonworks.com> wrote:

> Hello Carolyn,
>
> This is the same issue as METRON-484. Refer to the defect details for a
> workaround.
>
> Regards
> Anand
>
>
>
> On 10/4/16, 7:37 PM, "Carolyn Duby" <cduby@hortonworks.com> wrote:
>
> >I tried this on the quick-dev.  I added an ssh key to the root user.  The
> ansible script completed, but when I do a status on opentaxxi service I get
> this:
> >
> >[root@node1 ~]# service opentaxii status
> >Checking opentaxii...                             Running
> >Services not defined
> >
> >According to the article, it should look like this:
> >
> >[root@metron-test]# service opentaxii status
> >guest.phishtank_com                                888
> >guest.Abuse_ch                                     0
> >
> >
> >Thanks
> >Carolyn
> >
> >
> >
> >On 10/4/16, 4:46 AM, "Anand Subramanian" <asubramanian@hortonworks.com>
> wrote:
> >
> >>Hi Dima,
> >>
> >>Please see if this helps:
> >>https://community.hortonworks.com/articles/
> 59698/pushing-stixtaxii-feeds-from-opentaxii-server-into.html
> >>
> >>
> >>Regards,
> >>Anand
> >>
> >>
> >>
> >>On 10/4/16, 5:55 AM, "Dima Kovalyov" <Dima.Kovalyov@sstech.us> wrote:
> >>
> >>>I am trying to use STIX Extractor and Taxii Loader to load data in HBase
> >>>table for further Threat Intel enrichment in Metron.
> >>>
> >>>I am using following article that describes required configuration
> >>>https://github.com/apache/incubator-metron/tree/master/
> metron-platform/metron-data-management
> >>>
> >>>However, when I configure and launch following command:
> >>>/usr/metron/0.2.0BETA/bin/threatintel_taxii_load.sh -e
> >>>extractor_config_taxii.json -c taxii_endpoint.json -n
> >>>enrichment_config.json -b '2016-10-01 00:00:00'
> >>>I receive an error:
> >>>16/10/04 00:17:31 ERROR taxii.TaxiiHandler:
> >>>java.lang.NullPointerException
> >>>...
> >>>Exception in thread "Timer-0" java.lang.RuntimeException: Unable to make
> >>>request
> >>>...
> >>>Caused by: java.lang.NullPointerException
> >>>...
> >>>
> >>>Is there any additional documentation for that? (preferably with samples
> >>>that works).
> >>>
> >>>At this point I am just trying  to get any data from any publicly
> >>>available feed, such as hailataxii.com or open.taxiistand.com.
> >>>
> >>>Please share some knowledge or insight. Thank you.
> >>>
> >>>- Dima
> >>>
>



-- 
Nick Allen <nick@nickallen.org>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message