youtubebeat/vendor/github.com/elastic/beats/packetbeat/docs/troubleshooting.asciidoc

[[troubleshooting]]
= Troubleshooting

[partintro]
--
If you have issues installing or running Packetbeat, read the
following tips:

* <<getting-help>>
* <<enable-packetbeat-debugging>>
* <<recording-trace>>
* <<faq>>

//sets block macro for getting-help.asciidoc included in next section

--

[[getting-help]]
== Get help

include::../../libbeat/docs/getting-help.asciidoc[]

//sets block macro for debugging.asciidoc included in next section

[[enable-packetbeat-debugging]]
== Debug

include::../../libbeat/docs/debugging.asciidoc[]

//sets block macro for recording-trace content included in next section

[[recording-trace]]
== Record a trace

If you are having an issue, it's often useful to record a full network trace
and send it to us. It will help us reproduce the issue, and we can also add it
to our automatic regression tests so that the problem never reoccurs. A trace
of 10-20 seconds is usually enough. To record the trace, you can use the following Packetbeat command:

[source,shell]
------------------------------------------------------------
packetbeat -e -dump trace.pcap
------------------------------------------------------------

This command executes Packetbeat in normal mode (all processing happens as usual), but
at the same time, it records all packets in libpcap format in the `trace.pcap`
file. If there's a particular error message you want us to investigate, please
keep the trace running until the error shows up (it will printed on standard
error).

WARNING: PCAP files can be large. Please monitor the disk usage while doing the
dump to make sure you don't run out of disk space. Whenever possible, we
recommend recording the trace on a non-production machine.
Add generated youtubebeat files 2018-11-18 11:08:38 +01:00			`[[troubleshooting]]`
			`= Troubleshooting`

			`[partintro]`
			`--`
			`If you have issues installing or running Packetbeat, read the`
			`following tips:`

			`* <<getting-help>>`
			`* <<enable-packetbeat-debugging>>`
			`* <<recording-trace>>`
			`* <<faq>>`

			`//sets block macro for getting-help.asciidoc included in next section`

			`--`

			`[[getting-help]]`
			`== Get help`

			`include::../../libbeat/docs/getting-help.asciidoc[]`

			`//sets block macro for debugging.asciidoc included in next section`

			`[[enable-packetbeat-debugging]]`
			`== Debug`

			`include::../../libbeat/docs/debugging.asciidoc[]`

			`//sets block macro for recording-trace content included in next section`

			`[[recording-trace]]`
			`== Record a trace`

			`If you are having an issue, it's often useful to record a full network trace`
			`and send it to us. It will help us reproduce the issue, and we can also add it`
			`to our automatic regression tests so that the problem never reoccurs. A trace`
			`of 10-20 seconds is usually enough. To record the trace, you can use the following Packetbeat command:`

			`[source,shell]`
			`------------------------------------------------------------`
			`packetbeat -e -dump trace.pcap`
			`------------------------------------------------------------`

			`This command executes Packetbeat in normal mode (all processing happens as usual), but`
			at the same time, it records all packets in libpcap format in the `trace.pcap`
			`file. If there's a particular error message you want us to investigate, please`
			`keep the trace running until the error shows up (it will printed on standard`
			`error).`

			`WARNING: PCAP files can be large. Please monitor the disk usage while doing the`
			`dump to make sure you don't run out of disk space. Whenever possible, we`
			`recommend recording the trace on a non-production machine.`