Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add windows support #31

Open
spotlesscoder opened this issue Oct 11, 2017 · 2 comments
Open

Add windows support #31

spotlesscoder opened this issue Oct 11, 2017 · 2 comments
Assignees

Comments

@spotlesscoder
Copy link

Thanks for this great cookbook!

Please add support for Windows Nodes.

I guess I will not be that much effort as you already wrote the metricbeat cookbook which has windows support and the beats installation is similar to packetbeat.

@spotlesscoder
Copy link
Author

spotlesscoder commented Oct 11, 2017

Oh, I found out that there actually are quite a few differences

  • Windows version needs winpcap

There is a wireshark cookbook, maybe that one helps.

  • Configuration does not allow to capture all interfaces at one.

I guess that we need to make it in such a way that we can provide multiple configuration files and chef-client creates one packetbeat installation for each so we can capture multiple devices.
Another way of solving the 2nd problem might be to have an attribute which is an array where we can insert the device IDs, provide one common config file without device id and chef-client will copy that file into a new packetbeat instance for all the device IDs specified, adding the device ID accordingly to every config file.

@spotlesscoder
Copy link
Author

spotlesscoder commented Oct 12, 2017

I found another solution:

The device ID doesn't have to be specified in the packetbeat.yml config file.
It can be provided via the command line. So an array in the chef attributes could be used to insert the required Device IDs there.

Then, packetbeat can be started as follows multiple times
.\packetbeat.exe -c .\packetbeat.yml -E packetbeat.interfaces.device=<ID_FROM_CHEF_ATTRIBUTE>

e.g.
.\packetbeat.exe -c .\packetbeat.yml -E packetbeat.interfaces.device=0
.\packetbeat.exe -c .\packetbeat.yml -E packetbeat.interfaces.device=1

....

@vkhatri vkhatri self-assigned this Nov 3, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants