youtubebeat/vendor/github.com/elastic/beats/packetbeat/docs/overview.asciidoc

[[packetbeat-overview]]
== Packetbeat overview

++++
<titleabbrev>Overview</titleabbrev>
++++

Packetbeat is a real-time network packet analyzer that you can use
with Elasticsearch to provide an _application monitoring and performance
analytics system_. Packetbeat completes the {libbeat}/index.html[Beats platform]
by providing visibility between the servers of your network.

Packetbeat works by capturing the network traffic between your application servers,
decoding the application layer protocols (HTTP, MySQL, Redis, and so on),
correlating the requests with the responses, and recording the
interesting <<exported-fields,fields>> for each transaction.

Packetbeat can help you easily notice issues with your back-end application, such as bugs
or performance problems, and it makes troubleshooting them - and therefore
fixing them - much faster.

Packetbeat sniffs the traffic between your servers, parses the
application-level protocols on the fly, and correlates the messages into transactions.
Currently, Packetbeat supports the following protocols:

include::shared-protocol-list.asciidoc[]

Packetbeat can insert the correlated transactions directly into Elasticsearch
or into a central queue created with Redis and Logstash.

Packetbeat can run on the same servers as your application processes or
on its own servers. When running on dedicated servers, Packetbeat can get the
traffic from the switch's mirror ports or from tapping devices. In such a
deployment, there is zero overhead on the monitored application. See
<<configuration-interfaces>> for details.

After decoding the Layer 7 messages, Packetbeat correlates the requests with
the responses in what we call _transactions_. For each transaction, Packetbeat
inserts a JSON document into Elasticsearch. See the <<exported-fields>> section
for details about which fields are indexed.

The same Elasticsearch and Kibana instances that are used for analysing the
network traffic gathered by Packetbeat can be used for analysing the log files
gathered by Logstash. This way, you can have network traffic and log analysis
in the same system.
Add generated youtubebeat files 2018-11-18 11:08:38 +01:00			`[[packetbeat-overview]]`
			`== Packetbeat overview`

			`++++`
			`<titleabbrev>Overview</titleabbrev>`
			`++++`

			`Packetbeat is a real-time network packet analyzer that you can use`
			`with Elasticsearch to provide an _application monitoring and performance`
			`analytics system_. Packetbeat completes the {libbeat}/index.html[Beats platform]`
			`by providing visibility between the servers of your network.`

			`Packetbeat works by capturing the network traffic between your application servers,`
			`decoding the application layer protocols (HTTP, MySQL, Redis, and so on),`
			`correlating the requests with the responses, and recording the`
			`interesting <<exported-fields,fields>> for each transaction.`

			`Packetbeat can help you easily notice issues with your back-end application, such as bugs`
			`or performance problems, and it makes troubleshooting them - and therefore`
			`fixing them - much faster.`

			`Packetbeat sniffs the traffic between your servers, parses the`
			`application-level protocols on the fly, and correlates the messages into transactions.`
			`Currently, Packetbeat supports the following protocols:`

			`include::shared-protocol-list.asciidoc[]`

			`Packetbeat can insert the correlated transactions directly into Elasticsearch`
			`or into a central queue created with Redis and Logstash.`

			`Packetbeat can run on the same servers as your application processes or`
			`on its own servers. When running on dedicated servers, Packetbeat can get the`
			`traffic from the switch's mirror ports or from tapping devices. In such a`
			`deployment, there is zero overhead on the monitored application. See`
			`<<configuration-interfaces>> for details.`

			`After decoding the Layer 7 messages, Packetbeat correlates the requests with`
			`the responses in what we call _transactions_. For each transaction, Packetbeat`
			`inserts a JSON document into Elasticsearch. See the <<exported-fields>> section`
			`for details about which fields are indexed.`

			`The same Elasticsearch and Kibana instances that are used for analysing the`
			`network traffic gathered by Packetbeat can be used for analysing the log files`
			`gathered by Logstash. This way, you can have network traffic and log analysis`
			`in the same system.`