Protocol-Specific Metrics

edit

Packetbeat exposes per-protocol metrics under the HTTP monitoring endpoint. These metrics are exposed under the /inputs path. They can be used to observe the activity of Packetbeat for the monitored protocol.

AF_PACKET Metrics

edit
Metric Description

device

Name of the device being monitored.

socket_packets

Number of packets delivered by the kernel to the shared buffer.

socket_drops

Number of packets dropped by the kernel on the socket.

socket_queue_freezes

Number of kernel queue freezes on the socket.

packets

Number of packets handled by Packetbeat.

polls

Number of blocking syscalls made waiting for packets.

TCP Metrics

edit
Metric Description

device

Name of the device being monitored.

received_events_total

Number of packets processed.

received_bytes_total

Number of bytes processed.

tcp_overlaps

Number of packets shrunk due to overlap.

tcp.dropped_because_of_gaps

Number of packets dropped because of gaps.

arrival_period

Histogram of the elapsed time between packet arrivals.

processing_time

Histogram of the elapsed time between packet receipt and publication.

UDP Metrics

edit
Metric Description

device

Name of the device being monitored.

received_events_total

Number of packets processed.

received_bytes_total

Number of bytes processed.

arrival_period

Histogram of the elapsed time between packet arrivals.

processing_time

Histogram of the elapsed time between packet receipt and publication.