ES 7.1.1/centos7, Tshark 2.6
I am trying to ingest tshark data (JSON format) into Elastic using Logstash. I am using tshark 2.6.6. However, I understand version 3.0 has the ability to generate a mapping for Elasticsearch. I tried to follow the steps in this blog:
https://www.elastic.co/blog/analyzing-network-packets-with-wireshark-elasticsearch-and-kibana
However, I ran into errors while setting the index template as in the blog. Can Packetbeat continuously capture pcap data similar to tshark and send it to Elastic?