Lately I upgrade to use packetbeat version 5.x, I found bpf_filter option not working as previously in packetbeat version 2.x, basically if I set this option in configuration file, I can still see packetbeat which is not qualified with this filter syntax coming in .
the configuration I 'm using is as below,
packetbeat.interfaces.bpf_filter: "host 32.3.1.1 and 32.3.18.101 and port 18001"
then I can still receive packetbeat from another IP address like 32.3.1.4 with port 18001
Any ideas ? or did I miss something ?
thanks for your help in advance.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.