Questions tagged [packetbeat]

Packetbeat is the open source solution for monitoring distributed applications. Think of it as a distributed, real-time Wireshark with many more analytics features. Packetbeat agents sniff the traffic between your application processes, parse protocols such as HTTP, MySQL, PostgreSQL, Redis or Thrift on the fly, and correlate the messages into transactions.

53 questions
0 votes, 1 answer

JMeter with Elasticsearch as data source

I am capturing http traffic using Packetbeat. The captured traffic is stored in Elasticsearch and consists of SOAP requests (including request body, headers etc). In total I have about 500 million requests in the database at any given time. My goal…
0 votes, 1 answer

Cannot add node to cluster (elasticsearch)

I'm trying to make the health of my cluster green. According to the following elasticsearch documentation: When you add more nodes to a cluster, it automatically allocates replica shards. When all primary and replica shards are active, the cluster…
0 votes, 1 answer

Using docker to send packets to elastic

I tried this docker run command as suggested on official packetbeat installation page. https://www.elastic.co/guide/en/beats/packetbeat/current/running-on-docker.html I do not get any error, but container exits after loading index. It does not send…
shantanuo
0 votes, 1 answer

problem with dynamic field elastic search

I am running Packetbeat on my server. I have disabled dynamic fields in the index mapping, which means that if new data comes in, new fields are not created. In my mapping there is no extra field, but when I send a request from Postman to show records, there is a…
mhsankar
0 votes, 1 answer

Packetbeat throws Bulk item insert failed error

Packetbeat throws following error Bulk item insert failed When the following processor is added to packetbeat.yml processors.include_fields.fields: ["http.request.body"] Error log 2018-06-04T00:37:40.893+0530 ERROR pipeline/output.go:92 …
Nu-ONE
0 votes, 1 answer

capture mysql query response using packetbeat

I have used packetbeat and found it very useful. But the document does not contain the response received from the server. For e.g. in case of mysql, I have a field num_rows but not the actual data that is…
shantanuo
0 votes, 1 answer

Packetbeat dashboard installation

I am trying to install packetbeat dashboard and this command works as expected. I have installed matching version of Kibana. docker run docker.elastic.co/beats/packetbeat:5.5.0 ./scripts/import_dashboards -es http://172.31.73.234:9200 When I try…
shantanuo
0 votes, 2 answers

Changing field properties

I am using packetbeat to monitor mysql port on 3306 and it is working very well. I can easily search for any word on discovery tab. For e.g. method:SET This works as expected. But if I change it to query:SET then it does not return the documents…
shantanuo
0 votes, 1 answer

How to find active device id with PowerShell?

I'm trying to automate the Packetbeat installation, but one of the required things on Windows is that you need to find the device id of the active network adapter. The list of devices can be queried with .\packetbeat devices. An example output…
willemdh
0 votes, 1 answer

How to block a specific IP in Packetbeat

So I am doing a data visualization of netflow traffic, and I am running packetbeat in "af mode" to gather all of the netflow data. The problem is that the IP that I am connecting to the box with packetbeat on it, is something I want to ignore. Since…
BenjaFriend
0 votes, 1 answer

How to filter out the 127.0.0.1 traffic from Packetbeat and Logstash?

I have Packetbeat running using Logstash, and I have a problem. Almost all of the traffic is the traffic of the actual box sending things to Logstash. Here is what I mean: As you can see, almost all my traffic is useless. Is there a way to make a…
BenjaFriend
0 votes, 1 answer

GET request to get the most recent event always returning the same thing in Elasticsearch

I am trying to just simply get the most recent event to happen with curl, and I am always getting the same thing. Here is the curl that I'm using: curl localhost:9200/packetbeat-2017.01.26/_search?pretty=true -d ' { "query": { "match_all":…
BenjaFriend
0 votes, 1 answer

Is it possible to see HTTP POST data from requests in Packetbeat?

I want to build a dashboard that is based on POST requests containing JSON data that is being sent as part of the request payload. I added send_request to the Packetbeat configuration but I don't see the data in the index. Is that possible and how…
Lev
0 votes, 2 answers

How to take input in logstash?

When should I use filebeat, packetbeat or topbeat? I am new to the ELK stack. I may sound silly but I am really confused over these. I would appreciate any sort of help.
0 votes, 0 answers

Collect network operation data with logstash in Windows

I am trying to get network operation data from my localhost. I know packetbeat can do some of the jobs. However, I would like to collect data with logstash but my configuration didn't output anything. Is there anyone who can give me some…
Kennedy Kan