Hello,
I tried to add Packet Capture Integration to a Windows Elastic Agent but packetbeat keeps crashing and dont send no logs.
I'm in self managed mode with dedicated fleet server. Every other beat or integration works on this host.
[info] Beat ID: c1a9ccc0-576c-4376-bed7-e8a2842e0f19
16:14:39.804
[info] Output reload is enabled, the beat will restart as needed on change of output config
16:14:39.804
[info] Set gc percentage to: 100
16:14:39.805
[info] running under elastic-agent, per-beat lockfiles disabled
16:14:39.805
[info] Starting stats endpoint
16:14:39.805
[info] Beat info
16:14:39.805
[info] Build info
16:14:39.805
[info] Go runtime info
16:14:39.810
[info] Metrics endpoint listening on: \\.\pipe\packet-default (configured: npipe:///packet-default)
16:14:39.844
[info] Host info
16:14:39.845
[info] Process info
16:14:39.846
[info] Setup Beat: packetbeat; Version: 8.6.1
16:14:39.864
[info] Output is configured through Central Management
16:14:42.249
[info] Beat name: DESKTOP-H6KABGK
16:14:42.249
[info] npcap version: Npcap version 1.71, based on libpcap version 1.10.2-PRE-GIT
16:14:42.261
[info] Process watcher disabled
16:14:42.278
[info] packetbeat start running.
16:14:42.278
[info] Starting metrics logging every 30s
16:14:42.282
[info] Attempted to register Windows service handlers, but this is not a service. No action necessary
16:14:42.727
[info] elasticsearch url: http://192.168.2.13:9200
16:14:42.743
[info] Process watcher enabled
16:14:45.770
[warn] read token request for getting IMDSv2 token returns empty: Put "http://169.254.169.254/latest/api/token": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.
16:14:48.778
[info] add_cloud_metadata: hosting provider type not detected.
16:14:48.806
[warn] read token request for getting IMDSv2 token returns empty: Put "http://169.254.169.254/latest/api/token": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.
16:14:51.816
[info] add_cloud_metadata: hosting provider type not detected.
16:14:51.845
[warn] read token request for getting IMDSv2 token returns empty: Put "http://169.254.169.254/latest/api/token": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.
16:14:54.856
[info] add_cloud_metadata: hosting provider type not detected.
16:14:54.885
[warn] read token request for getting IMDSv2 token returns empty: Put "http://169.254.169.254/latest/api/token": context deadline exceeded (Client.Timeout exceeded while awaiting headers). No token in the metadata request will be used.
16:14:54.893
[info] Resolved device index 0 to device: \Device\NPF_{EBD3A969-4116-4974-B480-FC11E7B41C1C}
16:14:54.898
[info] Resolved device index 0 to device: \Device\NPF_{EBD3A969-4116-4974-B480-FC11E7B41C1C}
16:14:54.905
[info] Resolved device index 0 to device: \Device\NPF_{EBD3A969-4116-4974-B480-FC11E7B41C1C}
16:14:54.912
[info] Resolved device index 0 to device: \Device\NPF_{EBD3A969-4116-4974-B480-FC11E7B41C1C}
16:14:54.933
[info] Stopping 1 runners ...
16:14:54.933
[info] flows worker loop stopped
16:14:54.933
[info] Packetbeat send stop signal
16:14:54.936
[error] panic: close of closed channel
16:14:54.936
[error] goroutine 66 [running]:
16:14:54.936
[error] github.com/elastic/beats/v7/packetbeat/beater.(*packetbeat).Stop.func1()
16:14:54.936
[error] github.com/elastic/beats/v7/packetbeat/beater/packetbeat.go:191 +0x25
16:14:54.936
[error] sync.(*Once).doSlow(0x346a3bf?, 0x1b?)
16:14:54.936
[error] sync/once.go:68 +0xc2
16:14:54.936
[error] sync.(*Once).Do(...)
16:14:54.936
[error] sync/once.go:59
16:14:54.937
[error] github.com/elastic/beats/v7/packetbeat/beater.(*packetbeat).Stop(0xc0008eed20?)
16:14:54.937
[error] github.com/elastic/beats/v7/packetbeat/beater/packetbeat.go:191 +0x66
16:14:54.937
[error] sync.(*Once).doSlow(0x0?, 0x0?)
16:14:54.937
[error] sync/once.go:68 +0xc2
16:14:54.937
[error] sync.(*Once).Do(...)
16:14:54.937
[error] sync/once.go:59
16:14:54.937
[error] github.com/elastic/beats/v7/x-pack/libbeat/management.(*BeatV2Manager).stopBeat(0xc0000ab860)
16:14:54.937
[error] github.com/elastic/beats/v7/x-pack/libbeat/management/managerV2.go:404 +0x11b
16:14:54.937
[error] github.com/elastic/beats/v7/x-pack/libbeat/management.(*BeatV2Manager).unitListen(0xc0000ab860)
16:14:54.937
[error] github.com/elastic/beats/v7/x-pack/libbeat/management/managerV2.go:345 +0x2b7
16:14:54.937
[error] created by github.com/elastic/beats/v7/x-pack/libbeat/management.(*BeatV2Manager).Start
16:14:54.937
[error] github.com/elastic/beats/v7/x-pack/libbeat/management/managerV2.go:184 +0x116
16:14:56.309
[info] Home path: [C:\Program Files\Elastic\Agent\data\elastic-agent-b8553c\components] Config path: [C:\Program Files\Elastic\Agent\data\elastic-agent-b8553c\components] Data path: [C:\Program Files\Elastic\Agent\data\elastic-agent-b8553c\run\packet-default] Logs path: [C:\Program Files\Elastic\Agent\data\elastic-agent-b8553c\components\logs]