Should the process fail before completing the deployment, the following command will continue the deployment process without re-instantiating the host.
vagrant provision
Navigate to the following resources to explore your newly minted Apache Metron environment.
Connecting to the host through SSH is as simple as running the following command.
vagrant ssh
In addition to re-running the entire provisioning play book, you may now re-run an individual Ansible tag or a collection of tags in the following ways. The following commands will re-run the sensor-stubs role on the Vagrant image. This will install and start the sensor stub components.
vagrant --ansible-tags="sensor-stubs" provision
Tags are listed in the playbooks. Here are some frequently used tags:
By default, the Metron development environment uses sensor stubs to mimic the behavior of the full sensors. This is done because the full sensors take a significant amount of time and CPU to build, install, and run.
From time to time you may want to install the full sensors for testing (see the specifics of what that means here). This can be done by running the following command:
vagrant --ansible-skip-tags="sensor-stubs" up
This will skip only the sensor-stubs tag, allowing the ansible roles with the sensors tag to be run. This provisions the full sensors in a ‘testing mode’ so that they are more active, and thus more useful for testing (more details on that here). However, when vagrant completes the sensors will NOT be running. In order to start the sensors and simulate traffic through them (which will create a fair amount of load on your test system), complete the below steps:
vagrant ssh sudo su - service pcap-replay restart service yaf restart service snortd restart service snort-producer restart