Packet beat is not showing the status of down if the port is down

jerin · September 9, 2020, 5:16am

Hello ,
I have started to use packetbeat for port monitoring in kibana .
These are the current issues

when I kill the process (http) , its not showing the exact status of port in elastic search . Even if it's down , it's shows the port is ok

type: http
- 3456

i have few ports running on https and these information of ports are not captured by packetbeat when i use type as TLS . What are the options ?

warkolm · September 9, 2020, 5:21am

How exactly are you showing the port status?

jerin · September 9, 2020, 5:44am

With the field status in kibana . When I run packetbeat in the client , there are 1000 + fields are created in ES. Amongst them http status code , status , source_port are what I need . When I see the status it's always showing ok even though if the port is not listening .

system · October 7, 2020, 7:44am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.