packetbeat

command
v2.0.1+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 28, 2019 License: Apache-2.0 Imports: 2 Imported by: 0

README

Packetbeat

Packetbeat is an open source network packet analyzer that ships the data to Elasticsearch. Think of it like a distributed real-time Wireshark with a lot more analytics features.

The Packetbeat shippers sniff the traffic between your application processes, parse on the fly protocols like HTTP, MySQL, PostgreSQL, Redis or Thrift and correlate the messages into transactions.

For each transaction, the shipper inserts a JSON document into Elasticsearch, where it is stored and indexed. You can then use Kibana to view key metrics and do ad-hoc queries against the data.

To learn more about Packetbeat, check out https://www.elastic.co/products/beats/packetbeat.

Getting started

Please follow the getting started guide from the docs.

Documentation

Please visit elastic.co for the documentation.

Bugs and feature requests

If you have an issue, please start by opening a topic on the forums. We'll help you troubleshoot and work with you on a solution.

If you are sure you found a bug or have a feature request, open an issue on Github.

Contributions

We love contributions from our community! Please read the CONTRIBUTING.md file.

Snapshots

For testing purposes, we generate snapshot builds that you can find here. Please be aware that these are built on top of master and are not meant for production.

Packaging .deb

  1. Unpackaging $PACKETBEAT-OldVer.deb
    1. Create $PACKETBEAT_DIR directory
    2. Run cmd: 
      dpkg-deb -R $PACKETBEAT-OLD.deb $PACKETBEAT_DIR
  2. Configure and packaging
    1. Configuration
      • Change package's information at $PACKETBEAT_DIR/DEBIAN/control (Note: "Package" which in this file will be $PACKETBEAT-NAME)
      • Set permission for file which installed at $PACKETBEAT_DIR/DEBIAN/postinst
    2. Update new file
      • Remove old and copy new "packetbeat.yml" at $PACKETBEAT_DIR/etc/packetbeat/
      • Remove old and copy new "packetbeat" binary, "statistics_config.json", "announcement_bam_deploy.py" at $PACKETBEAT_DIR/usr/share/packetbeat/bin/
    3. Packaging 
      dpkg-deb -b $PACKETBEAT_DIR $PACKETBEAT-NewVer.deb

Install and uninstall

  1. Install 
    dpkg -i $PACKETBEAT-NewVer.deb
  2. Remove 
    dpkg -P $PACKETBEAT-NAME

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis
Package include imports all protos packages so that they register with the global registry.
 Package include imports all protos packages so that they register with the global registry.
processor
add_kubernetes_metadata
amqp
applayer
Package applayer provides common definitions with common fields for use with application layer protocols among beats.
 Package applayer provides common definitions with common fields for use with application layer protocols among beats.
cassandra
cassandra/internal/gocql
dhcpv4
dns
Package dns provides support for parsing DNS messages and reporting the results.
 Package dns provides support for parsing DNS messages and reporting the results.
http
icmp
memcache
mongodb
mysql
nfs
pgsql
redis
tcp
thrift
tls
udp

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.