第七色在线视频,2021少妇久久久久久久久久,亚洲欧洲精品成人久久av18,亚洲国产精品特色大片观看完整版,孙宇晨将参加特朗普的晚宴

為了賬號安全,請及時綁定郵箱和手機立即綁定

packetbeat 無法啟動

我在windows執(zhí)行了

C:\Users\ehagsuu\Desktop\elastic\packetbeat-5.6.4-windows-x86
λ Ppacketbeat.exe? -e -c es.yml -strict.perms=false


結果如下:

2018/08/12 09:09:36.076161 beat.go:346: CRIT Exiting: Initializing sniffer failed: Error creating sniffer: Couldn't unde
rstand device index 0: Looking for device index 0, but there are only 0 devices
Exiting: Initializing sniffer failed: Error creating sniffer: Couldn't understand device index 0: Looking for device ind
ex 0, but there are only 0 devices

##########

應該是es.yml中關于packetbeat.interfaces.device: 0的,沒有設置正確,嘗試了eth0,lo0都不會正確重啟。

并且在windows環(huán)境中執(zhí)行packetbeat devices

C:\Users\ehagsuu\Desktop\elastic\packetbeat-5.6.4-windows-x86
λ Ppacketbeat.exe devices
Exiting: Initializing sniffer failed: Error creating sniffer: Couldn't understand device index 0: Looking for device index 0, but there are only 0 devices

C:\Users\ehagsuu\Desktop\elastic\packetbeat-5.6.4-windows-x86

正在回答

5 回答

es.yml 的配置是什么?另外你的 http 包是否走的這個網卡?

0 回復 有任何疑惑可以回復我~
#1

泰德蘇 提問者

es.yml原來用的是下載的那個資料里的,但是用了什么也沒有。然后我把packetbeat.full修改了下,能抓到一些UDP的包。我是把所有的packbeat devices識別到的設備從0,4都試了一下。所以http是否存在可能走除了packebeat devices 結果之外的設備?
2018-08-13 回復 有任何疑惑可以回復我~

packetbeat.interfaces.device: 0

?windows 上,網卡設備名稱會比較長。所以 packetbeat 單獨提供了一個參數(shù):packetbeat -device,返回整個可用網卡設備列表數(shù)組,你可以直接寫數(shù)組下標來代表這個設備。比如:device: 0。


0 回復 有任何疑惑可以回復我~

抓到了一些包,但是沒有看到視頻中的http的包:都是些UDP

2018/08/12 10:46:27.756161 sniffer.go:145: INFO Resolved device index 1 to device: \Device\NPF_{5E472DB4-3BFB-4696-A0DF-4A1BA12EBEB3}????????????????????????????????? ?
2018/08/12 10:46:27.812161 beat.go:233: INFO packetbeat start running.???????????????????????????????????????????????????????????????????????????????????????????????? ?
{"@timestamp":"2018-08-12T10:46:40.000Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":false,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac"
:"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}??????? ?
2018/08/12 10:46:40.546161 client.go:667: INFO Connected to Elasticsearch version 5.6.3??????????????????????????????????????????????????????????????????????????????? ?
2018/08/12 10:46:40.547161 output.go:317: INFO Trying to load template for client: http://localhost:9200?????????????????????????????????????????????????????????????? ?
2018/08/12 10:46:40.560161 output.go:341: INFO Template already exists and will not be overwritten.??????????????????????????????????????????????????????????????????? ?
{"@timestamp":"2018-08-12T10:46:49.999Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":false,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac"
:"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}??????? ?
2018/08/12 10:46:56.488161 metrics.go:39: INFO Non-zero metrics in the last 30s: libbeat.es.call_count.PublishEvents=2 libbeat.es.publish.read_bytes=1061 libbeat.es.pub
lish.write_bytes=1740 libbeat.es.published_and_acked_events=2 libbeat.publisher.messages_in_worker_queues=4 libbeat.publisher.published_events=2?????????????????????? ?
{"@timestamp":"2018-08-12T10:46:59.999Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":false,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac"
:"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}??????? ?
{"@timestamp":"2018-08-12T10:47:09.998Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":false,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac"
:"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}??????? ?
{"@timestamp":"2018-08-12T10:47:19.998Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":false,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac"
:"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}??????? ?
2018/08/12 10:47:26.486161 metrics.go:39: INFO Non-zero metrics in the last 30s: libbeat.es.call_count.PublishEvents=3 libbeat.es.publish.read_bytes=934 libbeat.es.publ
ish.write_bytes=2250 libbeat.es.published_and_acked_events=3 libbeat.publisher.messages_in_worker_queues=6 libbeat.publisher.published_events=3??????????????????????? ?
{"@timestamp":"2018-08-12T10:47:29.997Z","beat":{"hostname":"CN00200036","name":"CN00200036","version":"5.6.4"},"dest":{"ip":"192.168.56.255","mac":"ff:ff:ff:ff:ff:ff",
"port":137},"final":true,"flow_id":"EQIA////DP////8U//8BAAEKACcAABT////////AqDgBwKg4/4kAiQA","last_time":"2018-08-12T10:46:38.814Z","source":{"ip":"192.168.56.1","mac":
"0a:00:27:00:00:14","port":137,"stats":{"net_bytes_total":276,"net_packets_total":3}},"start_time":"2018-08-12T10:46:37.314Z","transport":"udp","type":"flow"}???????? ?
2018/08/12 10:47:56.484161 metrics.go:39: INFO Non-zero metrics in the last 30s: libbeat.es.call_count.PublishEvents=1 libbeat.es.publish.read_bytes=313 libbeat.es.publ
ish.write_bytes=749 libbeat.es.published_and_acked_events=1 libbeat.publisher.messages_in_worker_queues=2 libbeat.publisher.published_events=1???????????????????????? ?
2018/08/12 10:47:57.357161 packetbeat.go:184: INFO Packetbeat send stop signal???????????????????????????????????????????????????????????????????????????????????????? ?
2018/08/12 10:47:57.821161 sniffer.go:384: INFO Input finish. Processed 3 packets. Have a nice day!??????????????????????????????????????????????????????????????????? ?
2018/08/12 10:47:57.821161 util.go:48: INFO flows worker loop stopped????????????????????????????????????????????????????????????????????????????????????????????????? ?
2018/08/12 10:47:57.821161 metrics.go:51: INFO Total non-zero values:? libbeat.es.call_count.PublishEvents=6 libbeat.es.publish.read_bytes=2308 libbeat.es.publish.write
_bytes=4739 libbeat.es.published_and_acked_events=6 libbeat.publisher.messages_in_worker_queues=12 libbeat.publisher.published_events=6??????????????????????????????? ?
2018/08/12 10:47:57.822161 metrics.go:52: INFO Uptime: 1m31.467s?????????????????????????????????????????????????????????????????????????????????????????????????????? ?
2018/08/12 10:47:57.822161 beat.go:237: INFO packetbeat stopped.?????????????????????????????????????????????????????????????????????????????????????????????????????? ?
???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

0 回復 有任何疑惑可以回復我~

裝完WinPcap值后出現(xiàn)了device

C:\Users\ehagsuu\Desktop\elastic\packetbeat-5.6.4-windows-x86
λ packetbeat.exe? -devices
0: \Device\NPF_{4B5EBB52-6745-4792-A1B6-9D0B83004912} (Microsoft) (fe80::180d:af3b:a6bf:fa44 0.0.0.0)
1: \Device\NPF_{5E472DB4-3BFB-4696-A0DF-4A1BA12EBEB3} (Oracle) (fe80::50d7:4301:eee3:eea6 192.168.56.1)
2: \Device\NPF_{21E1A7C8-3D68-4F67-A214-1330E0D60952} (Intel(R) Ethernet Connection I217-LM) (fe80::e03c:550d:6d78:5fba 172.26.5.94)
3: \Device\NPF_{563D9FC1-6EF8-41BC-8C24-DF29D745C969} (VMware Virtual Ethernet Adapter) (fe80::e95e:9b4e:ed53:e7f1 192.168.23.1)
4: \Device\NPF_{626EF6A1-89EF-4D75-9D39-D2423A99BA7B} (Microsoft) (fe80::f407:802d:9f:cfa1 192.168.0.102)

但是我把這五個值更新在es.yml并沒有發(fā)現(xiàn)有什么包被抓到,以0為例,其余都是類似的log

2018/08/12 09:39:59.830161 sniffer.go:145: INFO Resolved device index 0 to device: \Device\NPF_{4B5EBB52-6745-4792-A1B6-9D0B83004912}
2018/08/12 09:39:59.883161 beat.go:233: INFO packetbeat start running.
2018/08/12 09:40:28.697161 metrics.go:34: INFO No non-zero metrics in the last 30s
2018/08/12 09:40:58.695161 metrics.go:34: INFO No non-zero metrics in the last 30s
2018/08/12 09:41:28.693161 metrics.go:34: INFO No non-zero metrics in the last 30s
2018/08/12 09:41:51.367161 packetbeat.go:184: INFO Packetbeat send stop signal
2018/08/12 09:41:51.427161 sniffer.go:384: INFO Input finish. Processed 0 packets. Have a nice day!

0 回復 有任何疑惑可以回復我~

C:\Users\ehagsuu\Desktop\elastic\packetbeat-5.6.4-windows-x86
λ ppacketbeat.exe -devices
No devices found.

0 回復 有任何疑惑可以回復我~

舉報

0/150
提交
取消

packetbeat 無法啟動

我要回答 關注問題
微信客服

購課補貼
聯(lián)系客服咨詢優(yōu)惠詳情

 幫助反饋 APP下載

慕課網APP
您的移動學習伙伴

 公眾號

掃描二維碼
關注慕課網微信公眾號