HTTPS Support?

VincentBiret · May 28, 2015, 11:05pm

Hi everyone,

Do you plan to support HTTPS sniffing, as wireshark does ?

Thanks,

Vincent.

tudor · May 29, 2015, 8:17am

No plans at the moment, but we've only defined our own roadmap just for the very near future.

winston · June 14, 2015, 2:44pm

Most key exchange algorithms used in TLS 1.2 are nowadays based on Diffie Hellman and make it 'impossible' to decode HTTPS traffic for a sniffer. It would need to have access to the master keys for the specific session, only the server private key is not sufficient.

Hence implementing TLS decoding in packetbeat is probably a dead end street. If you have some kind of HTTPS termination point in your infra (e.g. a load balancer or proxy) you can could try to capture behind the proxy.

VincentBiret · June 14, 2015, 4:08pm

It was purely for internal use, to analyse services using inter-regions communications on AWS which use HTTPS using self signed TLS certificates, ex: logstash-forwarder

Topic		Replies	Views
Packetbeat: Decode Https Traffic Beats packetbeat	4	539	October 13, 2021
Packet Beat support protocol HTTPS? Beats packetbeat	3	1392	July 21, 2016
Packetbeat does accurately measure tls/https traffic on local machine but not server Beats packetbeat	1	391	October 30, 2019
Is it possible to monitor https traffic through packetbeat? Beats packetbeat	1	1180	August 17, 2016
TLS not being used between Winlogbeat and Logstash - No errors Beats winlogbeat	2	870	October 7, 2016

HTTPS Support?

Related topics