Packetbeat can't decode PPPoE packet

Hi ELK Community,

I'm trying to setup a packetbeat for troubleshooting spam attacking. However, I could not find the packet that encapsulated with PPPoE header in kibana which shows only normal IP packets and Flows with destination/source macaddress.
Try to use tcpdump on packetbeat machine, the output is shown as:
19:28:30.762832 PPPoE [ses 0x20d] IP > Flags [.], seq 3884279897:3884281285, ack 3457224134, win 678, options [nop,nop,TS val 3518790448 ecr 323759403], length 1388
19:28:30.858184 PPPoE [ses 0x840] IP > UDP, length 1350

Is there a way to decode PPPoE traffic in packetbeat?
or Do I miss something?

Tosamon L.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.