Packetbeat can't decode PPPoE packet

Hi ELK Community,

I'm trying to setup a packetbeat for troubleshooting spam attacking. However, I could not find the packet that encapsulated with PPPoE header in kibana which shows only normal IP packets and Flows with destination/source macaddress.
Try to use tcpdump on packetbeat machine, the output is shown as:
19:28:30.762832 PPPoE [ses 0x20d] IP 204.113.46.18.https > node-12ac.pool-180-180.dynamic.totinternet.net.45926: Flags [.], seq 3884279897:3884281285, ack 3457224134, win 678, options [nop,nop,TS val 3518790448 ecr 323759403], length 1388
19:28:30.858184 PPPoE [ses 0x840] IP 204.113.53.46.https > node-zme.pool-182-52.dynamic.internet.net.50221: UDP, length 1350

Is there a way to decode PPPoE traffic in packetbeat?
or Do I miss something?

Regards,
Tosamon L.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.