DNS traffic

pfe · July 28, 2016, 11:42am

Hello everyone !

Please could you explain to me how can I use Packetbeat to monitor DNS traffic

Thank you
Ragards

andrewkroh · July 28, 2016, 2:59pm

DNS capturing is enabled in the default configuration file. So just follow the Getting Started Guide for Packetbeat and you should be up and running.

pfe · July 28, 2016, 5:57pm

ok thank you for your response, but from where can I capture the traffic and analyze it ?

andrewkroh · July 28, 2016, 7:37pm

Packetbeat listens to the traffic on any one of the computer's network interfaces. So you install it on a server you will only see traffic to and from that server. If you want to see traffic from multiple devices on a network, then a common solution is to configure a port mirror on one of your managed switches or deploy a network tap device and feed that traffic to a free NIC on the server running Packetbeat.

system · August 18, 2016, 11:42am

This topic was automatically closed after 21 days. New replies are no longer allowed.

Topic		Replies	Views
DNS Logs: Packetbeat or Filebeat? Beats filebeat , packetbeat	2	705	July 16, 2020
Origin of Recursive Lookup Not Captured Beats packetbeat	1	329	December 15, 2021
Winlogbeats with DNS logs? Beats	4	2286	July 17, 2017
Can Packetbeat capture DHCP packets? Beats packetbeat	3	1071	March 1, 2017
Listen for different protocols over different interface Beats packetbeat	3	452	November 13, 2019

DNS traffic

Related topics