Reliability of Packetbeat Logs

Mohannad_Saeed · May 1, 2016, 5:00am

Greetings,

There is a setting in the configuration template of Packetbeat on Github, where one can instruct Packetbeat to output logs to a local file.

Two questions regarding this setting:

Is it guaranteed to have these logs written to local disk before the HTTP requests reach our application server for processing? We need this for recovery purposes.
What is the difference between the settings for file output and the settings for logging in the Packetbeat configuration template on Github?

Thank you!

warkolm · May 1, 2016, 9:52pm

Not sure if it would be guaranteed.
Logging is the output from the application code itself, any errors etc that it encounters. It is not the packet data.

steffens · May 2, 2016, 4:46pm

packetbeat handles transactions. If no response is ever seen, the request might timeout after some seconds. Not sure if incomplete transaction is published by http protocol analyzer. With packetbeat being a passive network sniffer, I don't see how packetbeat will help with resiliency.

Topic		Replies	Views
Packetbeat File Output Options Beats packetbeat	3	784	March 28, 2017
DNS Logs: Packetbeat or Filebeat? Beats filebeat , packetbeat	2	705	July 16, 2020
Packetbeat debugging - no file output Beats packetbeat	5	1105	June 28, 2017
Debug Unmatched Responses and tcp dropped because of gaps Beats packetbeat	4	987	November 10, 2018
No stdout and logs from Packetbeat Beats packetbeat	1	345	February 16, 2021

Reliability of Packetbeat Logs

Related topics