hey guys. I'm stuck. I got this problem. I've configured packetbeat to capture network traffic.
I've 1 server contains elk stack and another host where i' ve installed packetbeat and mysql. The main idea is forward packetbeat traffic data to elk. In elk stack installed in other host, arrived all traffic network's data except mysql traffic network's data .But i'm stuck.
It seems that it fails to capture network traffic from mysql. I've disable ssl on mysql server (version 5.7.40). I've switch interfaces but not working. Please help. I'm stuck.
Hey @Ivan_Picca and welcome to the community!
How are you generating traffic to the MySQL server?
How are you verifying in elastic whether the traffic for MySQL exists?
Have you looked at the Elasticsearch and/or metricbeat logs to see what is happening while you capture?
You may want to reduce the number of protocols you're capturing while you troubleshoot in order to reduce the noise.
Thank you, sir 
1-Yes ,in mysql i try to show byte_sent and byte_reiceived, It work. But no data sent to ekl.
2- i try to type Destination.port : 3306 or network.protocoll: mysql or simply type mysql in the discover bar.
3-I haven't installed metricbeat. Don't need.
Thanks for the help
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.