Packet beat is not showing the status of down if the port is down

jerin · September 9, 2020, 5:16am

Hello ,
I have started to use packetbeat for port monitoring in kibana .
These are the current issues

when I kill the process (http) , its not showing the exact status of port in elastic search . Even if it's down , it's shows the port is ok

type: http
- 3456

i have few ports running on https and these information of ports are not captured by packetbeat when i use type as TLS . What are the options ?

warkolm · September 9, 2020, 5:21am

How exactly are you showing the port status?

jerin · September 9, 2020, 5:44am

With the field status in kibana . When I run packetbeat in the client , there are 1000 + fields are created in ES. Amongst them http status code , status , source_port are what I need . When I see the status it's always showing ok even though if the port is not listening .

system · October 7, 2020, 7:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Packetbeat not monitoring https protocol Beats packetbeat	2	480	October 6, 2022
Cannot get all fields in Kibana Beats packetbeat	4	838	July 8, 2017
The `network.protocol: http` returns nothing for packetbeat Beats packetbeat	4	501	January 15, 2023
Packetbeat 5.0 doesn't export http traffic or Kibana doesn't display it Beats packetbeat	3	749	December 30, 2016
What type is the "port" field in Heartbeat output? Beats	14	1250	December 12, 2017

Packet beat is not showing the status of down if the port is down

Related topics