| { |
| "dbname" : "database name", |
| "hdfs_app_path" : "hdfs application path", |
| "collector_processes":5, |
| "ingestion_interval":1, |
| "spark-streaming":{ |
| "driver_memory":"", |
| "spark_exec":"", |
| "spark_executor_memory":"", |
| "spark_executor_cores":"", |
| "spark_batch_size":"" |
| }, |
| "kafka":{ |
| "kafka_server":"kafka ip", |
| "kafka_port":"kafka port", |
| "zookeper_server":"zk ip", |
| "zookeper_port":"zk port", |
| "message_size":900000 |
| }, |
| "pipelines":{ |
| "flow":{ |
| "type":"flow", |
| "collector_path":"/collector_path/flow", |
| "local_staging":"/tmp/", |
| "supported_files":["nfcapd."], |
| "process_opt":"" |
| }, |
| "dns":{ |
| "type":"dns", |
| "collector_path":"/collector_path/dns", |
| "local_staging":"/collector_path/dns/tmp", |
| "supported_files":[".pcap"], |
| "pkt_num":"650000", |
| "pcap_split_staging":"/collector_path/dns/dns_staging", |
| "process_opt":"-E separator=, -E header=y -E occurrence=f -T fields -e frame.time -e frame.time_epoch -e frame.len -e ip.src -e ip.dst -e dns.resp.name -e dns.resp.type -e dns.resp.class -e dns.flags.rcode -e dns.a 'dns.flags.response == 1'" |
| }, |
| "proxy":{ |
| "type":"proxy", |
| "collector_path":"/collector_path/proxy", |
| "supported_files":[".log"], |
| "parser":"bluecoat.py" |
| } |
| } |
| } |