How to filter out the 127.0.0.1 traffic from Packetbeat and Logstash?

link之家

链接快照平台

输入网页链接，自动生成快照
标签化管理网页链接

相关文章推荐

还单身的打火机 · WPF ...· 8 月前 ·

逆袭的电梯 · vba Excel日期时间筛选-掘金· 12 月前 ·

逃课的毛豆 · gdb分析C++对象内存布局(一) - 知乎· 1 年前 ·

聪明伶俐的葫芦 · 条件型 CORS 响应下因缺失 Vary: ...· 1 年前 ·

要出家的足球 · SpringCloud在有config配置中 ...· 1 年前 ·

You didn't mention what you are monitoring with Packetbeat, but I'm assuming you are talking about flow data rather than any one specific protocol.

There are multiple ways to filter Packetbeat data. Here are a few options you can set in your config file.


    packetbeat.interfaces.device: eth0

- On Linux the psuedo "any" interface is used by default. If you do not want to capture localhost traffic then you can change the value to listen on a specific interface like


    eth0


    packetbeat.interfaces.bpf_filter: "net 192.168.0.0/16 not port 5044"

- You can use a custom BPF filter to select the traffic you are interested in.

Use a drop_event processor to select specific events to drop. It's more efficient to filter the traffic using one of the other methods. This would drop the data only after it has been processed by Packetbeat and turned into an event.

share improve this answer

推荐文章

还单身的打火机 · WPF 利用子线程弹出子窗体的研究-阿里云开发者社区

8 月前

逆袭的电梯 · vba Excel日期时间筛选-掘金

12 月前

逃课的毛豆 · gdb分析C++对象内存布局(一) - 知乎

1 年前

聪明伶俐的葫芦 · 条件型 CORS 响应下因缺失 Vary: Origin 导致的缓存错乱问题 - 知乎

1 年前

要出家的足球 · SpringCloud在有config配置中心服务的情况下gateway网关启动的时候报错_gateway 无法连接 spring config_有阳光的第一个清晨的博客-CSDN博客

1 年前