packetbeat

command
v2.8.4+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 16, 2021 License: Apache-2.0 Imports: 2 Imported by: 0

README

Packetbeat

Packetbeat is an open source network packet analyzer that ships the data to Elasticsearch. Think of it like a distributed real-time Wireshark with a lot more analytics features.

The Packetbeat shippers sniff the traffic between your application processes, parse on the fly protocols like HTTP, MySQL, PostgreSQL, Redis or Thrift and correlate the messages into transactions.

For each transaction, the shipper inserts a JSON document into Elasticsearch, where it is stored and indexed. You can then use Kibana to view key metrics and do ad-hoc queries against the data.

To learn more about Packetbeat, check out https://www.elastic.co/products/beats/packetbeat.

Getting started

Please follow the getting started guide from the docs.

Documentation

Please visit elastic.co for the documentation.

Bugs and feature requests

If you have an issue, please start by opening a topic on the forums. We'll help you troubleshoot and work with you on a solution.

If you are sure you found a bug or have a feature request, open an issue on Github.

Contributions

We love contributions from our community! Please read the CONTRIBUTING.md file.

Snapshots

For testing purposes, we generate snapshot builds that you can find here. Please be aware that these are built on top of master and are not meant for production.

Packaging .deb

  1. Unpackaging $PACKETBEAT-OldVer.deb
    1. Create $PACKETBEAT_DIR directory
    2. Run cmd:
      dpkg-deb -R $PACKETBEAT-OLD.deb $PACKETBEAT_DIR
      
  2. Configure and packaging
    1. Configuration
      • Change package's information at $PACKETBEAT_DIR/DEBIAN/control (Note: "Package" which in this file will be $PACKETBEAT-NAME)
      • Set permission for file which installed at $PACKETBEAT_DIR/DEBIAN/postinst
    2. Update new file
      • Remove old and copy new "packetbeat.yml" at $PACKETBEAT_DIR/etc/packetbeat/
      • Remove old and copy new "packetbeat" binary, "statistics_config.json", "announcement_bam_deploy.py" at $PACKETBEAT_DIR/usr/share/packetbeat/bin/
    3. Packaging
      dpkg-deb -b $PACKETBEAT_DIR $PACKETBEAT-NewVer.deb  
      

Install and uninstall

  1. Install
    dpkg -i $PACKETBEAT-NewVer.deb
    
  2. Remove
    dpkg -P $PACKETBEAT-NAME
    

Documentation

The Go Gopher

There is no documentation for this package.

Directories

Path Synopsis
ipdefrag/ip4defrag
Package ip4defrag implements a IPv4 defragmenter
Package ip4defrag implements a IPv4 defragmenter
Package include imports all protos packages so that they register with the global registry.
Package include imports all protos packages so that they register with the global registry.
processor
applayer
Package applayer provides common definitions with common fields for use with application layer protocols among beats.
Package applayer provides common definitions with common fields for use with application layer protocols among beats.
dns
Package dns provides support for parsing DNS messages and reporting the results.
Package dns provides support for parsing DNS messages and reporting the results.
nfs
tcp
tls
udp

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL