Changeset 43 for sample/hadoop-0.16/tw/org/nchc/code/SnortUploadHbase.java

Timestamp:

Jul 23, 2008, 5:08:53 PM (17 years ago)

Author:

waue

Message:

HBaseRecordPro.java -> only modified for debuging SnortUploadHbase?.java

SnortParser?.java -> catch a bug and fix it

SnortUploadHbase?.java -> it can run finally ..

File:

• sample/hadoop-0.16/tw/org/nchc/code/SnortUploadHbase.java (modified) (7 diffs)

sample/hadoop-0.16/tw/org/nchc/code/SnortUploadHbase.java

@@ -3 +3 @@
  * Editor: Waue Chen 
  * From :  NCHC. Taiwn
- * Last Update Date: 07/02/2008
+ * Last Update Date: 07/23/2008
  */
 
 /**
  * Purpose : 
- *  First, program would parse your record and create Hbase.\
- *  Then it sets the first line as column qualify \
- *  Finally it stores in HBase automatically.
+ *  The program will parse the log of snort (/var/log/snort/alert)
+ *    into Hbase table "snort".
  * 
  * HowToUse : 
- *  Make sure two thing :
- *  1. source_file must be regular as follow:
- *    first line: qualify1:qualify2:...:qualifyN
- *    other line: records1:records2:...:recordsN
- *  2. source_file path must be correct.
+ *  Run by eclipse ! (dependency by SnortParser.java)
 
  * Check Result:
  *  Go to hbase console, type : 
- *    hql > select * from t1_table; 
+ *    hql > select * from snort; 
 
 
@@ -46 +41 @@
 import org.apache.hadoop.mapred.lib.IdentityReducer;
 
+import com.sun.org.apache.xerces.internal.impl.xpath.regex.ParseException;
+
 public class SnortUploadHbase {
   /* Major parameter */
@@ -56 +53 @@
 
   // table name
-  final static String table_name = "SnortTable";
+  final static String table_name = "Snort";
 
   // separate char
@@ -62 +59 @@
   
   // data source tmp
-  final static String text_tmp = "/tmp/HBaseRecord.text.tmp";
+  final static String text_tmp = "/tmp/alert_my";
 
   // on this sample, map is nonuse, we use reduce to handle
@@ -71 +68 @@
 
       String first_line = "gid;sid;version;alert name;" +
-          "class;priority;year;month;day;hour;min;second;source;" +
-          "destination;type;ttl;tos;id; iplen;dgmlen";
+          "class;priority;month;day;hour;min;second;source;" +
+          "destination;type;ttl;tos;id; iplen;dgmlen;";
 
       // extract cf data
@@ -124 +121 @@
    * Runs the demo.
    */
-  public static void main(String[] args) throws IOException {
+  public static void main(String[] args) throws IOException,ParseException,Exception {
     
     String[] col_family = {column_family};
@@ -131 +128 @@
 //    setup.parseFirstLine(source_file, text_tmp);
 //    System.out.println(first_line);
-    new SnortParser(source_file,text_tmp);
+    SnortParser sp = new SnortParser(source_file,text_tmp);
+    sp.parseToLine();