Hello folks, I am interested in whether it is possible to integrate Wireshark in the Zabbix monitoring tool.
I am also interested in how to parse Wireshark logs in Logstash, if it is possible at all.
Hi,
From Wikipedia: ‘Zabbix is an enterprise-class open source software for monitoring of networks and applications’. Wireshark ‘is a free and open-source packet analyzer.’ If I understand correctly, Zabbix provides a high-level overview of networks and applications, while Wireshark is a tool for packet analysis, i.e. low level. In that sense you are asking a theoretical question on whether Zabbix can integrate the Wireshark module, but that will depend on the developer being able to code that ‘integration’ layer. Otherwise it should just be an option to export/send packets to Wireshark and do analysis on Wireshark itself.
To parse Wireshark logs in Logstash, do you mean in Wireshark ‘Export Packet Dissections’ > ‘As Plain Text’ and then Logstash can work on it?
If that is the case, it is usually done manually: export, then somehow import to Logstash.
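As an added example (not part of the original posts), one way to bridge the manual export and Logstash is to convert the summary lines of an ‘Export Packet Dissections’ > ‘As Plain Text’ file into one JSON object per line, which Logstash can read with a JSON codec. It assumes Wireshark's default columns and relative time format; the sample export and the output field names are constructed for illustration.

```python
import json
import re

# Constructed sample of a plain-text export (summary lines only, default
# columns). Addresses are documentation ranges, not real capture data.
SAMPLE_EXPORT = """\
No.     Time           Source                Destination           Protocol Length Info
      1 0.000000       192.0.2.10            192.0.2.53            DNS      74     Standard query 0x1a2b A example.com
      2 0.012345       192.0.2.53            192.0.2.10            DNS      90     Standard query response 0x1a2b A example.com A 198.51.100.7

No.     Time           Source                Destination           Protocol Length Info
      3 0.020001       192.0.2.10            198.51.100.7          TCP      66     49152 > 80 [SYN] Seq=0 Win=64240 Len=0
"""

# Assumption: default column order, and no embedded spaces in any column
# except Info. Header, blank, detail and hex-dump lines do not match.
ROW = re.compile(
    r"^\s*(?P<no>\d+)\s+(?P<time>\d+\.\d+)\s+(?P<src>\S+)\s+(?P<dst>\S+)"
    r"\s+(?P<proto>\S+)\s+(?P<length>\d+)(?:\s+(?P<info>.*\S))?\s*$"
)


def parse_export(text):
    """Return one dict per packet summary line found in the export text."""
    events = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m is None:
            continue  # not a packet summary row
        events.append({
            "frame_number": int(m.group("no")),
            "time_relative": float(m.group("time")),
            "source": m.group("src"),
            "destination": m.group("dst"),
            "protocol": m.group("proto"),
            "length": int(m.group("length")),
            "info": m.group("info") or "",
        })
    return events


def to_json_lines(events):
    """Serialize events as newline-delimited JSON, one event per line."""
    return "\n".join(json.dumps(e, sort_keys=True) for e in events)


if __name__ == "__main__":
    print(to_json_lines(parse_export(SAMPLE_EXPORT)))
```

The Info column is free text produced by Wireshark's dissectors from packet contents, so treat it as untrusted input in whatever consumes these events.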
Right-click on the head column, press “Column Preferences”, press “Add”, change “Field Type” to “Hardware src addr”.
sara