Showing help of packetbeat, I find no options for setting the number of packets to be captured as tcpdump dose, is there a possibility to support this feature?
Thanks in advance!
% ./packetbeat --version
packetbeat version 5.3.4 (amd64), libbeat 5.3.4
%
% ./packetbeat --help
Usage of ./packetbeat:
-E value
Configuration overwrite (default null)
-I string
Read packet data from specified file
-N Disable actual publishing for testing
-O Read packets one at a time (press Enter)
-c value
Configuration file, relative to path.config (default packetbeat.yml)
-configtest
Test configuration and exit.
-cpuprofile string
Write cpu profile to file
-d string
Enable certain debug selectors
-devices
Print the list of devices and exit
-dump string
Write all captured packets to this libpcap file
-e Log to stderr and disable syslog/file output
-httpprof string
Start pprof http server
-l int
Loop file. 0 - loop forever (default 1)
-memprofile string
Write memory profile to this file
-path.config value
Configuration path
-path.data value
Data path
-path.home value
Home path
-path.logs value
Logs path
-setup
Load the sample Kibana dashboards
-strict.perms
Strict permission checking on config files (default true)
-t Read packets as fast as possible, without sleeping
-v Log at INFO level
-version
Print the version and exit
-waitstop int
Additional seconds to wait before shutting down
$tcpdump --help
tcpdump version 4.9.0
libpcap version 1.7.4
OpenSSL 1.0.2g 1 Mar 2016
Usage: tcpdump [-aAbdDefhHIJKlLnNOpqStuUvxX#] [ -B size ] [ -c count ]
[ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ]
[ -i interface ] [ -j tstamptype ] [ -M secret ] [ --number ]
[ -Q in|out|inout ]
[ -r file ] [ -s snaplen ] [ --time-stamp-precision precision ]
[ --immediate-mode ] [ -T type ] [ --version ] [ -V file ]
[ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z postrotate-command ]
[ -Z user ] [ expression ]