#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
---
# Versioned install root on the target host; the config paths, bin scripts
# and purge jobs further down are all built from it.
metron_directory: "/usr/metron/{{ metron_version }}"

# Jar file names. Every name embeds the same metron_version, so the jars
# and the install root stay on one release.
metron_solr_jar_name: "metron-solr-{{ metron_version }}.jar"
metron_elasticsearch_jar_name: "metron-elasticsearch-{{ metron_version }}.jar"
metron_pcap_jar_name: "metron-pcap-backend-{{ metron_version }}.jar"
metron_parsers_jar_name: "metron-parsers-{{ metron_version }}.jar"
# The enrichment jar is the only one with the "-uber" suffix.
metron_enrichment_jar_name: "metron-enrichment-{{ metron_version }}-uber.jar"
metron_profiler_jar_name: "metron-profiler-{{ metron_version }}.jar"
# Bundle names: one "<module>-<version>-archive.tar.gz" per module.
# Values are quoted so the templated text is always read as a string.
metron_common_bundle_name: "metron-common-{{ metron_version }}-archive.tar.gz"
metron_pcap_bundle_name: "metron-pcap-backend-{{ metron_version }}-archive.tar.gz"
metron_data_management_bundle_name: "metron-data-management-{{ metron_version }}-archive.tar.gz"
metron_enrichment_bundle_name: "metron-enrichment-{{ metron_version }}-archive.tar.gz"
metron_indexing_bundle_name: "metron-indexing-{{ metron_version }}-archive.tar.gz"
metron_solr_bundle_name: "metron-solr-{{ metron_version }}-archive.tar.gz"
metron_elasticsearch_bundle_name: "metron-elasticsearch-{{ metron_version }}-archive.tar.gz"
metron_parsers_bundle_name: "metron-parsers-{{ metron_version }}-archive.tar.gz"
metron_maas_bundle_name: "metron-maas-service-{{ metron_version }}-archive.tar.gz"
metron_profiler_bundle_name: "metron-profiler-{{ metron_version }}-archive.tar.gz"
metron_profiler_client_bundle_name: "metron-profiler-client-{{ metron_version }}-archive.tar.gz"
# Bundle paths: where each archive is picked up on the control machine.
# All of them resolve relative to playbook_dir into a module's target/
# directory, i.e. a local build tree.
# NOTE(review): no checksum variable appears alongside these paths, so the
# deployed archive is whatever sits in target/ at run time. Confirm the
# build tree is trusted and not writable by other users.

# Modules under metron-platform/
metron_common_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-common/target/{{ metron_common_bundle_name }}"
metron_pcap_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-pcap-backend/target/{{ metron_pcap_bundle_name }}"
metron_data_management_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-data-management/target/{{ metron_data_management_bundle_name }}"
metron_enrichment_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-enrichment/target/{{ metron_enrichment_bundle_name }}"
metron_indexing_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-indexing/target/{{ metron_indexing_bundle_name }}"
metron_solr_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-solr/target/{{ metron_solr_bundle_name }}"
metron_elasticsearch_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-elasticsearch/target/{{ metron_elasticsearch_bundle_name }}"
metron_parsers_bundle_path: "{{ playbook_dir }}/../../metron-platform/metron-parsers/target/{{ metron_parsers_bundle_name }}"

# Modules under metron-analytics/
metron_maas_bundle_path: "{{ playbook_dir }}/../../metron-analytics/metron-maas-service/target/{{ metron_maas_bundle_name }}"
metron_profiler_bundle_path: "{{ playbook_dir }}/../../metron-analytics/metron-profiler/target/{{ metron_profiler_bundle_name }}"
metron_profiler_client_bundle_path: "{{ playbook_dir }}/../../metron-analytics/metron-profiler-client/target/{{ metron_profiler_client_bundle_name }}"
# Configuration paths on the target host.
config_path: "{{ metron_directory }}/config"
zookeeper_config_path: "{{ config_path }}/zookeeper"
zookeeper_global_config_path: "{{ zookeeper_config_path }}/global.json"

# Per-topology properties files. These spell out
# "{{ metron_directory }}/config" instead of reusing config_path, so
# overriding config_path alone does not move them.
metron_pcap_properties_config_path: "{{ metron_directory }}/config/pcap.properties"
metron_solr_properties_config_path: "{{ metron_directory }}/config/solr.properties"
metron_elasticsearch_properties_config_path: "{{ metron_directory }}/config/elasticsearch.properties"
metron_enrichment_properties_config_path: "{{ metron_directory }}/config/enrichment.properties"
metron_parsers_properties_config_path: "{{ metron_directory }}/config/parsers.properties"
metron_profiler_properties_config_path: "{{ metron_directory }}/config/profiler.properties"

# Client configuration directories for HBase and Hadoop/HDFS.
hbase_config_path: '/etc/hbase/conf'
hdfs_config_path: '/etc/hadoop/conf'

# HDFS locations for pcap data and the geo database.
pcap_hdfs_path: '/apps/metron/pcap'
geo_hdfs_path: '/apps/metron/geo/default'
# Threat-intel bulk load settings. The boolean is written in canonical
# lowercase form.
threat_intel_bulk_load: true
threat_intel_bin: "{{ metron_directory }}/bin/flatfile_loader.sh"
# NOTE(review): fixed, predictable name under the shared /tmp. How the
# directory is created, and with what owner and mode, is not visible here.
# Confirm the consuming task creates it with restrictive permissions, or
# override this with a private directory, since its contents feed the
# threat-intel store.
threat_intel_work_dir: '/tmp/ti_bulk'
threat_intel_csv_filename: 'threat_ip.csv'
# Defaults to the bare file name, i.e. a relative path; presumably resolved
# by the task that reads it. Confirm against the caller.
threat_intel_csv_filepath: "{{ threat_intel_csv_filename }}"
# Topic names, one per sensor plus the enrichment stage. Quoted so they
# are always read as strings.
pycapa_topic: 'pcap'
bro_topic: 'bro'
yaf_topic: 'yaf'
snort_topic: 'snort'
enrichments_topic: 'enrichments'
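# HDFS retention. Each job runs prune_hdfs_files.sh against hdfs_url with a
# per-sensor glob (-g) and the date hdfs_retention_days ago (-s), appending
# stdout and stderr to a per-sensor log file.
# This value bounds how far back indexed telemetry stays available for
# investigation; set it to match the retention policy in force.
hdfs_retention_days: 30
# NOTE(review): cron treats an unescaped '%' in a command as a newline. If
# these strings are installed verbatim as crontab entries, the date format
# needs '\%'. Confirm against the task that consumes them.
hdfs_bro_purge_cronjob: "{{ metron_directory }}/bin/prune_hdfs_files.sh -f {{ hdfs_url }} -g '/apps/metron/indexing/indexed/bro_doc/*enrichment-*' -s $(date -d '{{ hdfs_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/bro-purge/cron-hdfs-bro-purge.log 2>&1"
hdfs_yaf_purge_cronjob: "{{ metron_directory }}/bin/prune_hdfs_files.sh -f {{ hdfs_url }} -g '/apps/metron/indexing/indexed/yaf_doc/*enrichment-*' -s $(date -d '{{ hdfs_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/yaf-purge/cron-hdfs-yaf-purge.log 2>&1"
# Logs to /var/log/snort-purge, the same directory es_snort_purge_cronjob
# writes to; this job previously wrote into the yaf-purge directory.
# Assumes /var/log/snort-purge exists on the host. Confirm in the role
# that creates the purge log directories.
hdfs_snort_purge_cronjob: "{{ metron_directory }}/bin/prune_hdfs_files.sh -f {{ hdfs_url }} -g '/apps/metron/indexing/indexed/snort_doc/*enrichment-*' -s $(date -d '{{ hdfs_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/snort-purge/cron-hdfs-snort-purge.log 2>&1"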
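# Elasticsearch settings.
elasticsearch_config_path: '/etc/elasticsearch'
elasticsearch_cluster_name: 'metron'
elasticsearch_transport_port: 9300

# Elasticsearch retention. Each job runs prune_elasticsearch_indices.sh
# with the ZooKeeper URL (-z), an index-name prefix (-p) and the date
# es_retention_days ago (-s), appending stdout and stderr to a per-sensor
# log file.
# This value bounds how far back indexed telemetry stays searchable; set it
# to match the retention policy in force.
es_retention_days: 30
# NOTE(review): cron treats an unescaped '%' in a command as a newline. If
# these strings are installed verbatim as crontab entries, the date format
# needs '\%'. Confirm against the task that consumes them.
es_bro_purge_cronjob: "{{ metron_directory }}/bin/prune_elasticsearch_indices.sh -z {{ zookeeper_url }} -p bro_index_ -s $(date -d '{{ es_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/bro-purge/cron-es-bro-purge.log 2>&1"
es_yaf_purge_cronjob: "{{ metron_directory }}/bin/prune_elasticsearch_indices.sh -z {{ zookeeper_url }} -p yaf_index_ -s $(date -d '{{ es_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/yaf-purge/cron-es-yaf-purge.log 2>&1"
# The snort job previously passed "-p yaf_index_", so it re-pruned the yaf
# indices and never touched the snort ones, which then outlived
# es_retention_days. The prefix below follows the bro_/yaf_ naming pattern;
# confirm it matches the index name configured for snort.
es_snort_purge_cronjob: "{{ metron_directory }}/bin/prune_elasticsearch_indices.sh -z {{ zookeeper_url }} -p snort_index_ -s $(date -d '{{ es_retention_days }} days ago' +%m/%d/%Y) -n 1 >> /var/log/snort-purge/cron-es-snort-purge.log 2>&1"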
# HDFS output settings. The output directory is the parent of the
# /apps/metron/... locations used elsewhere in this file.
metron_hdfs_output_dir: '/apps/metron'
# File rotation: a Storm HDFS bolt policy class plus its count and unit.
# With count 1 and units DAYS this presumably rotates output files daily;
# confirm against the topology that reads these values.
metron_hdfs_rotation_policy: 'org.apache.storm.hdfs.bolt.rotation.TimedRotationPolicy'
metron_hdfs_rotation_policy_count: 1
metron_hdfs_rotation_policy_units: 'DAYS'