Unable to capture the activemq traffic in packetbeat

Hi Team,

I am unable to capture the activemq traffic in packetbeat.
PFB for more details.
ActiveMq version: 5.15.8
PacketBeat version: 6.6.2
OS: Windows 10 64 bit
Elasticsearch, Logstash and Kibana version: 6.6.2

packetbeat.yml config:
packetbeat.protocols:
- type: amqp
  ports: [5672]
  enabled: true
  max_body_length: 1000
  parse_headers: true
  parse_arguments: false
  hide_connection_information: true
  send_request: true
  send_response: true

- type: http
  ports: [8161]

I am unable to find any sign of ActiveMQ traffic being captured in Packetbeat.

Could you please help me with the same?

PFB the logs captured in debug mode. Please let me know if the complete logs are required and how I can share them.
2019-03-26T16:57:16.936+0530 DEBUG [publish] pipeline/processor.go:308 Publish event: {
"@timestamp": "2019-03-26T11:27:16.825Z",
"@metadata": {
"beat": "packetbeat",
"type": "doc",
"version": "6.6.2"
},
"start_time": "2019-03-26T11:26:36.445Z",
"flow_id": "EQIA////DP////8U//8BAAEAu2BtzzsBAF5///oKdVTA7///+mfBbAc",
"final": true,
"transport": "udp",
"source": {
"stats": {
"net_packets_total": 3,
"net_bytes_total": 537
},
"mac": "00:bb:60:6d:cf:3b",
"ip": "10.117.84.192",
"port": 49511
},
"beat": {
"name": "LP-5CD84712T7",
"hostname": "LP-5CD84712T7",
"version": "6.6.2"
},
"dest": {
"mac": "01:00:5e:7f:ff:fa",
"ip": "239.255.255.250",
"port": 1900
},
"last_time": "2019-03-26T11:26:42.555Z",
"type": "flow",
"host": {
"os": {
"name": "Windows 10 Enterprise",
"build": "17134.648",
"platform": "windows",
"version": "10.0",
"family": "windows"
},
"name": "LP-5CD84712T7",
"id": "06ce0032-be2e-4181-a5f9-551e7e10cc3e",
"architecture": "x86_64"
}
}
2019-03-26T16:57:16.936+0530 DEBUG [publish] pipeline/processor.go:308 Publish event: {
"@timestamp": "2019-03-26T11:27:16.825Z",
"@metadata": {
"beat": "packetbeat",
"type": "doc",
"version": "6.6.2"
},
"flow_id": "EQIA////DP////8U//8BAAEBAF5///pMNIgywh/v///6CnXXxGwHzeE",
"final": true,
"dest": {
"mac": "01:00:5e:7f:ff:fa",
"ip": "239.255.255.250",
"port": 1900
}
2019-03-26T16:57:17.152+0530 INFO flows/util.go:64 flows worker loop stopped
2019-03-26T16:57:17.152+0530 DEBUG [flows] flows/util.go:59 stopped flows worker
2019-03-26T16:57:17.153+0530 INFO [monitoring] log/log.go:152 Total non-zero metrics {"monitoring": {"metrics": {"beat":{"cpu":{"system":{"ticks":875,"time":{"ms":875}},"total":{"ticks":1953,"time":{"ms":1953},"value":1953},"user":{"ticks":1078,"time":{"ms":1078}}},"handles":{"open":265},"info":{"ephemeral_id":"524c631b-039b-4f9d-9bef-93f8a486abf7","uptime":{"ms":44827}},"memstats":{"gc_next":37562880,"memory_alloc":34504704,"memory_total":54857040,"rss":68464640}},"libbeat":{"config":{"module":{"running":0}},"output":{"events":{"acked":344,"batches":9,"total":344},"read":{"bytes":6026},"type":"elasticsearch","write":{"bytes":274256}},"pipeline":{"clients":3,"events":{"active":218,"published":562,"retry":50,"total":562},"queue":{"acked":344}}},"system":{"cpu":{"cores":4}}}}}
