Using packetbeat with pf_ring

luciferdude · August 5, 2020, 7:58pm

Hello,

Testing packetbeat with af_packet and pcap. getting an error when testing with pf_ring. I have 10 GB NIC and trying to capture DNS traffic over that nic.

ERROR instance/beat.go:906 Exiting: Unknown sniffer type: pf_ring

I've installed pfring-7.4.0-2736.x86_64.rpm; pfring-dkms-7.4.0-2700.noarch.rpm and dependency packages. I've added the mgmt interface and capture_interfaces in the interfaces.conf. Can someone please help me?

packetbeat.interfaces.device: 0
packetbeat.interfaces.type: pf_ring
packetbeat.interfaces.snaplen: 65535
packetbeat.ignore_outgoing: true

system · September 2, 2020, 9:59pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Starting packetbeat: 2016/01/08 12:13:43.009060 packetbeat.go:195: CRIT Initializing sniffer failed: Error creating sniffer: Pfring sniffing is not compiled in Beats packetbeat	5	1746	July 5, 2017
PF_RING on Packetbeat error Beats packetbeat	3	1125	July 29, 2017
PF_RING on Packetbeat error chinese 中文提问与讨论	2	1288	July 4, 2017
How packetbeat to work with pf_ring Beats packetbeat	12	2553	November 6, 2016
Packetbeat requirements using a SPAN interface Beats packetbeat	2	904	July 5, 2017

Using packetbeat with pf_ring

Related topics