I am trying to run packetbeat on mac with packetbeat.yml configured to have mac settings and http port changes from default:
# Select the network interfaces to sniff the data. You can use the "any" # keyword to sniff on all connected interfaces. interfaces: device: en0 http: # Configure the ports where to listen for HTTP traffic. You can disable # the http protocol by commenting the list of ports. ports: [8091,8093]
./packetbeat.test -systemTest -c /tmp/packetbeat-1.0.0-beta3-darwin/packetbeat.yml -test.coverprofile coverage.cov packetbeat.go:208: CRIT Initializing sniffer failed: Error creating sniffer: en0: You don't have permission to capture on that device ((cannot open BPF device) /dev/bpf0: Permission denied)
Has anyone seen this problem before?
Elasticsearch is running.