Would you like to learn how to install Packetbeat on Ubuntu Linux? In this tutorial, we are going to show you how to install the Packetbeat service on a computer running Ubuntu Linux and send the network information to an ElasticSearch server.
• Ubuntu 18
• Ubuntu 19
• ElasticSearch 7.6.2
• Kibana 7.6.2
• Packetbeat 7.6.2
In our example, The ElastiSearch server IP address is 192.168.100.7.
ElasticSearch Related Tutorial:
On this page, we offer quick access to a list of tutorials related to ElasticSearch installation.
Tutorial Packetbeat – Installation on Ubuntu Linux
Set a hostname using the command named hostnamectl.
Reboot the computer.
Install the required packages.
Download and install the Packetbeat package.
Edit the Packetbeat configuration file named packetbeat.yml.
Here is the original file, before our configuration.
Here is the file with our configuration.
In our example, we configured the Packetbeat service to send data to the ElasticSearch server 192.168.100.7.
In our example, we configured the Packetbeat service to connect to the Kibana server 192.168.100.7.
Use the following command to create the Packetbeat dashboards on the Kibana server.
Start the Packetbeat service.
Configure the Packetbeat service to start during boot time.
Congratulations! You have finished the Packetbeat installation on Ubuntu Linux.
Kibana – Accessing the Packetbeat Dashboard
Open your browser and enter the IP address of your Kibana server plus :5601.
In our example, the following URL was entered in the Browser:
• http://192.168.100.7:5601
The Kibana web interface should be presented
On the Visualize and Explore Data area, select the Dashboard option.
Search for dashboards named Packetbeats.
Select the desired Packetbeat dashboard.
Congratulations! You are able to access the Packetbeat information on the Kibana server.
