Packet beat is not showing the status of down if the port is down

jerin · September 9, 2020, 5:16am

Hello ,
I have started to use packetbeat for port monitoring in kibana .
These are the current issues

when I kill the process (http) , its not showing the exact status of port in elastic search . Even if it's down , it's shows the port is ok

type: http
- 3456

i have few ports running on https and these information of ports are not captured by packetbeat when i use type as TLS . What are the options ?

warkolm · September 9, 2020, 5:21am

How exactly are you showing the port status?

jerin · September 9, 2020, 5:44am

With the field status in kibana . When I run packetbeat in the client , there are 1000 + fields are created in ES. Amongst them http status code , status , source_port are what I need . When I see the status it's always showing ok even though if the port is not listening .

system · October 7, 2020, 7:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Packetbeat not monitoring https protocol Beats packetbeat	2	479	October 6, 2022
Cannot get all fields in Kibana Beats packetbeat	4	838	July 8, 2017
The `network.protocol: http` returns nothing for packetbeat Beats packetbeat	4	501	January 15, 2023
Packetbeat 5.0 doesn't export http traffic or Kibana doesn't display it Beats packetbeat	3	749	December 30, 2016
PacketBeat to capture all traffic except few port? Beats packetbeat	4	1333	January 9, 2020

Packet beat is not showing the status of down if the port is down

Related Topics