Differences
This shows the differences between the selected revision and the current version of the page.
| Next revision | Previous revision | ||
| info:cursos:openwebinars:elk:beats:packetbeats [03/12/2021 12:03] – created mate | info:cursos:openwebinars:elk:beats:packetbeats [05/12/2021 02:40] (current) – [instalación y configuración] mate | ||
|---|---|---|---|
| Línia 1: | Línia 1: | ||
| = ELK: Beats (Packetbeats) | = ELK: Beats (Packetbeats) | ||
| {{ : | {{ : | ||
| + | * analizador de paquetes que reenvía datos a logstash o elasticsearch | ||
| + | * monitorización servicios y aplicaciones en tiempo real. | ||
| + | * no genera latencia | ||
| + | * uso protocolos estandard o a medida | ||
| + | * busca y analiza el tráfico de red:{{ : | ||
| + | |||
| + | == instalación y configuración | ||
| + | * <code bash> | ||
| + | curl -L -O https:// | ||
| + | sudo dpkg -i packetbeat-5.4.2-amd64.deb</ | ||
| + | * <code yaml> | ||
| + | packetbeat.flows: | ||
| + | timeout: 30s | ||
| + | period: 10s | ||
| + | |||
| + | packetbeat.protocols.icmp: | ||
| + | enabled: true | ||
| + | packetbeat.protocols.amqp: | ||
| + | ports: [5672] | ||
| + | packetbeat.protocols.cassandra: | ||
| + | ports: [9042] | ||
| + | packetbeat.protocols.dns: | ||
| + | ports: [53] | ||
| + | include_authorities: | ||
| + | include_additionals: | ||
| + | packetbeat.protocols.http: | ||
| + | ports: [80, 8080, 8000, 5000, 8002] | ||
| + | packetbeat.protocols.memcache: | ||
| + | ports: [11211] | ||
| + | packetbeat.protocols.mysql: | ||
| + | ports: [3306] | ||
| + | packetbeat.protocols.pgsql: | ||
| + | ports: [5432] | ||
| + | packetbeat.protocols.redis: | ||
| + | ports: [6379] | ||
| + | packetbeat.protocols.thrift: | ||
| + | ports: [9090] | ||
| + | packetbeat.protocols.mongodb: | ||
| + | ports: [27017] | ||
| + | packetbeat.protocols.nfs: | ||
| + | ports: [2049] | ||
| + | |||
| + | output.elasticsearch: | ||
| + | hosts: [" | ||
| + | * Network device (interfaces) | ||
| + | * donde colocar el sniffer | ||
| + | * máximo tamaño de paquetes | ||
| + | * tipos de sniffer | ||
| + | * tamaño del buffer | ||
| + | * // | ||
| + | * flows | ||
| + | * permite configurar flujos en ambas direcciones | ||
| + | * dahsboards ejemplo: ''/ | ||
| + | * ''/ | ||
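Review bot: the install step in the `<code bash>` block fetches the package with `curl -L -O` and passes it straight to `sudo dpkg -i packetbeat-5.4.2-amd64.deb`, so a root-level install runs on a file whose integrity was never checked. Add a step between the two commands that compares the download against the checksum the vendor publishes for that package, and stop if it does not match. The file name also pins version 5.4.2 while the revision is dated 2021; say which Elasticsearch version the `output.elasticsearch` target runs so a reader can pick a matching Packetbeat release. The capture options listed under "Network device (interfaces)" are named but not explained; a line on which interface the sniffer binds to and why would help, since that choice determines what traffic is recorded. Minor: "dahsboards" should read "dashboards" and "estandard" should read "estándar".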