diff --git a/packetbeat.conf b/packetbeat.conf index a3e2c1430d2..92eb5508302 100644 --- a/packetbeat.conf +++ b/packetbeat.conf @@ -1,30 +1,29 @@ ### -### PacketBeat configuration file. +### Packetbeat Agent configuration file. ### -### PacketBeat is a protocol monitoring service that +### Packetbeat is a protocol monitoring service that ### works by sniffing the network traffic between your application -### components. It dumps the results into elasticsearch. +### components. It dumps the results into Elasticsearch. ### -### Go to http://packetbeat.com/gettingstarted for more details. +### Go to http://packetbeat.com/getstarted for more details. ### +[elasticsearch] +# Set the host and port where to find Elasticsearch. +host = "localhost" +port = 9200 + [interfaces] # Select on which network interfaces to sniff. You can use the "any" # keyword to sniff on all connected interfaces. device = "any" -[elasticsearch] -# Set the host and port where to find ElasticSearch. Most likely you -# need to change the port. -host = "localhost" -port = 9200 - +[protocols] # Configure which protocols to monitor and on which ports are they # running. You can disable a given protocol by commenting out its # configuration. -[protocols] [protocols.http] - ports = [80, 8080, 8081, 5000, 8002] + ports = [80, 8080, 8000, 5000, 8002] [protocols.mysql] ports = [3306] @@ -33,8 +32,7 @@ port = 9200 ports = [6379] [procs] -# Uncomment the following line to disable reading the processes from -# the proc file system. +# Uncomment the following line to disable the process monitoring. # dont_read_from_proc = true # Which processes to monitor and how to find them. The processes can @@ -45,6 +43,9 @@ port = 9200 [procs.monitored.nginx] cmdline_grep = "nginx" + [procs.monitored.app] + cmdline_grep = "gunicorn" + [agent] # The name of the agent as it will show up in the web interface. If not # defined, we will just use the hostname. @@ -52,14 +53,15 @@ port = 9200 #name= [runoptions] -# The PacketBeats agent can drop privileges after creating the sniffing +# The Packetbeat agent can drop privileges after creating the sniffing # socket. Root access is required for opening the socket but everything # else requires no privileges. Therefore, it is strongly recommended # to have the Agent switch users after the initialization phase. -# The following two settings set the User Id and the Group Id under +# The following two settings set the User Id and the Group Id under # which the Agent will run. # Warning: Because on Linux Setuid doesn't change the uid of all threads, # the Go garbage collector will continue to run as root. +# Note: Process monitoring only works when running as root. #uid=501 #gid=501