Documentation

Connecting

General

In order to view data in your Kafka cluster you must first create a connection to it. This can be done using the 'Add Cluster' toolbar button or the 'Add New Connection' menu item in the File-menu. In the 'Add Cluster' dialog you must provide the following values under the General-section

In some cases you must enter values in the 'Bootstrap servers' field in order to be able to connect to your Kafka cluster:

Notice that if you do not provide the Zookeeper host/port values, some features in Kafka Tool may not be available.

Plaintext

If your cluster is configured for plaintext security (typically in test environments only) you do not need to configure any additional security attributes. You can just click on Test to test that your connection is working properly or Add to add the server connection without testing it first.

SASL

If your cluster is configured for SASL (plaintext or SSL) you must pass in your jaas config file to Kafka Tool when you start it. The exact contents of the jaas file depend on the configuration of your cluster, please refer to the Kafka documentation.

On Windows you need to start Kafka Tool as follows

On Linux you need to start Kafka Tool as follows

On MacOS you need to start Kafka Tool using kafkatool.sh located in the following folder

Before that, you must configure the provided client_jaas.conf file to match your Kafka cluster configuration

If you are using SASL Plaintext you typically must change the sasl.mechanism client property to PLAIN. This property can be entered in the 'SASL Mechanism' text field under the 'Advanced' section.

SSL

If your Kafka cluster is configured to use SSL you may need to set various SSL configuration parameters. Unless your Kafka brokers are using a server certificate issued by a public CA, you need to point to a local truststore that contains the self signed root certificate that signed your brokers certificate. You also need to enter the password for this truststore.

If the SAN(s) in your server certificate do not match the actual hostname of the brokers you are connecting to, you will receive an SSL error (No subject alternative DNS name matching xxx found) when you try to connect. You can avoid this by unchecking the 'Validate SSL endpoint hostname' checkbox in the 'Broker security' section. This will set the ssl.endpoint.identification.algorithm client property to null.

If your Kafka cluster requires a client certificate (two-way authentication) you also need to configure your keystore attributes. The keystore contains the private key that you use to authenticate to your Kafka brokers. You also need to configure a password for the keystore as well as password for the private key in the keystore.

Kafka Tool | UI Tool for Apache Kafka