Packetbeat

Lightweight shipper for network data

Monitoring your network traffic is critical to gaining observability and securing your environment — ensuring high levels of performance and security. Packetbeat is a lightweight network packet analyzer that sends data from your hosts and containers to Logstash or Elasticsearch.

Download

Packetbeat documentation

Monitor services and applications

Network protocols like HTTP let you keep a pulse on application latency and errors, response times, SLA performance, user access patterns and trends, and more.

Packetbeat enables you to access this data to understand how traffic is flowing through your network. It’s totally passive, has zero latency overhead, and doesn’t interfere with your infrastructure. Explore the live demo.

Pick a protocol. Or build your own.

Packetbeat is also a library. It supports many application layer protocols, from database to key-value stores to HTTP and low-level protocols. Choose the one you need or add your own by submitting a pull request.

Overview
DNS
Flows
HTTP
MySQL

Search and analyze network traffic

Skip performing a variety of incantations to get your data into proper shape for search and analysis. Packetbeat takes care of this for you in real time, on your target servers.

Ship to Elasticsearch or Logstash. Visualize in Kibana.

Packetbeat supports Elastic Common Schema (ECS) and is part of the Elastic Stack — meaning it works seamlessly with Logstash, Elasticsearch, and Kibana. Whether you want to transform or enrich your network data with Logstash, fiddle with some analytics in Elasticsearch, or review data in Kibana on a dashboard or in Elastic Security, Packetbeat makes it easy.

It doesn't miss a beat

Spool your network traffic info to disk so your pipeline doesn’t skip a data point — even when downstream issues occur. Packetbeat retains your network data and then ships it all to Elasticsearch or Logstash when things are back to normal.

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.6 released

Upgrade the Elastic Stack

Documentation

ElasticON Global 2023

We're hiring

Power of Elastic

Improving digital customer experiences

Evolving the DevOps lifecycle

Security without limits

Public Sector

Financial Services

Telecommunications

Healthcare

Technology

Retail and Ecommerce

Media and Entertainment

Manufacturing and Automotive

SIEM buyer's guide for the modern SOC

Enterprise Search

Observability

Security

Getting started

Support

Contact us

Jaguar Land Rover

Emirates NBD

Zurich Insurance

Documentation

Blogs

Training

Events

Community

Consulting

Driving quantified success with Elastic Enterprise Search

Get started with Elasticsearch

Observability Engineer training

About

Careers

Press

Partners

Investor Relations

Elastic Excellence Awards

Why now is the time to move critical databases to the cloud

Enterprise Search

Observability

Security

Elastic Cloud

Elastic (ELK) Stack

Elastic 8.6 released

Upgrade the Elastic Stack

Documentation

ElasticON Global 2023

We're hiring

Power of Elastic

Improving digital customer experiences

Evolving the DevOps lifecycle

Security without limits

Public Sector

Financial Services

Telecommunications

Healthcare

Technology

Retail and Ecommerce

Media and Entertainment

Manufacturing and Automotive

Enterprise Search

Observability

Security

Getting started

Support

Contact us

Jaguar Land Rover

Emirates NBD

Zurich Insurance

Documentation