1

I just want to run packetbeat and get packet sniff from MySQL and output to file or console ,so that I no need Elastic system

I tried to run it but no thing output 

 root@localhost~: packetbeat -c packetbeat.yml
 root@localhost~:

Following are my config file

procs:
   enabled: true
   monitored:
    - process: mysqld
      cmdline_grep: mysqld

output:
  ### Console output
  console:
    # Pretty print json event
    pretty: false

How can I do that ?

Ryo
  • 995
  • 2
  • 25
  • 41

1 Answers1

1

Packetbeat works by capturing the network traffic that Mysql creates, so you need to also configure from which device to capture the traffic and on which tcp ports Mysql is running. For example:

interface:
  device: any

protocols:
  mysql:
    ports: [3306]

procs:
   enabled: true
   monitored:
    - process: mysqld
      cmdline_grep: mysqld

output:
  ### Console output
  console:
    # Pretty print json event
    pretty: false

Your console output configuration looks good to me. You can also output to rotating files, if you prefer.

tsg
  • 2,007
  • 13
  • 12
  • Thanks , all protocols are enable by defaut ,I just fix by running packetbeat with sudo T_T – Ryo Dec 02 '15 at 01:06