we have a use case where we want to send extrahop data to a MAPR hadoop cluster and are looking for the best options. The two main options seems to be:
For Kafka connectivity, we don't currently have a Kafka broker/server setup on our MAPR cluster and MAPR doesn't seem to support Kafka as part of support contracts. They do have MAPR Streams that provides a Kafka 0.9 API. Has anyone successfully integrated extrahop with MAPR Streams?
Also, the Extrahop documentation seems to indicated that you do need a Kafka server on the receiving end. Is that correct?
For syslog connectivity, it would be rather easy to setup a syslog server on our MAPR cluster nodes (RHEL 6.7) but if we setup multiple syslog servers for HA, can Extrahop support that (I don't see it in the Extrahop documentation)? Would it just be to setup a VIP for the syslog flow and Extrahop would use that VIP?
I've been told that it would be possible to have Apache Flume setup with Extrahop connected with a Flume Kafka source (available in 1.6.0). Would that be an option? If so, have anyone implemented this?