bash-4.1$ ./packetbeat devices -v -debug
bash-4.1$ uname -a
Linux xxxxxx 2.6.32-573.3.1.el6.x86_64 #1 SMP Mon Aug 10 09:44:54 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
Packetbeat coming out immediately without executing/displaying.
Try:
$ ./packetbeat -devices
Hi Andrew,
Thanks that worked. But only if I use root user.
[root@xxxpacketbeat-1.1.1-x86_64]# ./packetbeat -devices
0: eth0 (No description available)
1: eth1 (No description available)
2: any (Pseudo-device that captures on all interfaces)
3: lo (No description available)
So is it always that packetbeat have to be run as a root user and not using any other user
I see this when I run using non-root user
bash-4.1$ ./packetbeat -devices
No devices found. You might need sudo?
thanks
Generally you need to be a privileged user to capture packets. On some distros there are ways of adding capabilities to a binary so that unprivileged users can run them. See http://www.andy-pearce.com/blog/posts/2013/Mar/file-capabilities-in-linux/