// init packetbeat components
func (pb *packetbeat) init(b *beat.Beat) error {
cfg := &pb.config
err := procs.ProcWatcher.Init(cfg.Procs)
if err != nil {
logp.Critical(err.Error())
return err
}
// This is required as init Beat is called before the beat publisher is initialised
b.Config.Shipper.InitShipperConfig()
pb.pub, err = publish.NewPublisher(b.Publisher, *b.Config.Shipper.QueueSize, *b.Config.Shipper.BulkQueueSize, pb.config.IgnoreOutgoing)
if err != nil {
return fmt.Errorf("Initializing publisher failed: %v", err)
}
logp.Debug("main", "Initializing protocol plugins")
err = protos.Protos.Init(false, pb.pub, cfg.Protocols)
if err != nil {
return fmt.Errorf("Initializing protocol analyzers failed: %v", err)
}
logp.Debug("main", "Initializing sniffer")
err = pb.setupSniffer()
if err != nil {
return fmt.Errorf("Initializing sniffer failed: %v", err)
}
return nil
}
// Setup packetbeat
func (pb *Packetbeat) Setup(b *beat.Beat) error {
if err := procs.ProcWatcher.Init(pb.PbConfig.Procs); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
queueSize := defaultQueueSize
if pb.PbConfig.Shipper.QueueSize != nil {
queueSize = *pb.PbConfig.Shipper.QueueSize
}
bulkQueueSize := defaultBulkQueueSize
if pb.PbConfig.Shipper.BulkQueueSize != nil {
bulkQueueSize = *pb.PbConfig.Shipper.BulkQueueSize
}
pb.Pub = publish.NewPublisher(b.Publisher, queueSize, bulkQueueSize)
pb.Pub.Start()
logp.Debug("main", "Initializing protocol plugins")
err := protos.Protos.Init(false, pb.Pub, pb.PbConfig.Protocols)
if err != nil {
logp.Critical("Initializing protocol analyzers failed: %v", err)
os.Exit(1)
}
pb.over = make(chan bool)
logp.Debug("main", "Initializing sniffer")
if err := pb.setupSniffer(); err != nil {
logp.Critical("Initializing sniffer failed: %v", err)
os.Exit(1)
}
// This needs to be after the sniffer Init but before the sniffer Run.
if err := droppriv.DropPrivileges(config.ConfigSingleton.RunOptions); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
return nil
}
// Setup packetbeat
func (pb *Packetbeat) Setup(b *beat.Beat) error {
cfg := &pb.PbConfig.Packetbeat
if err := procs.ProcWatcher.Init(cfg.Procs); err != nil {
logp.Critical(err.Error())
return err
}
queueSize := defaultQueueSize
if b.Config.Shipper.QueueSize != nil {
queueSize = *b.Config.Shipper.QueueSize
}
bulkQueueSize := defaultBulkQueueSize
if b.Config.Shipper.BulkQueueSize != nil {
bulkQueueSize = *b.Config.Shipper.BulkQueueSize
}
pb.Pub = publish.NewPublisher(b.Publisher, queueSize, bulkQueueSize)
pb.Pub.Start()
logp.Debug("main", "Initializing protocol plugins")
err := protos.Protos.Init(false, pb.Pub, cfg.Protocols)
if err != nil {
return fmt.Errorf("Initializing protocol analyzers failed: %v", err)
}
logp.Debug("main", "Initializing sniffer")
if err := pb.setupSniffer(); err != nil {
return fmt.Errorf("Initializing sniffer failed: %v", err)
}
// This needs to be after the sniffer Init but before the sniffer Run.
if err := droppriv.DropPrivileges(cfg.RunOptions); err != nil {
return err
}
return nil
}
// init packetbeat components
func (pb *Packetbeat) init(b *beat.Beat) error {
cfg := &pb.Config
err := procs.ProcWatcher.Init(cfg.Procs)
if err != nil {
logp.Critical(err.Error())
return err
}
queueSize := defaultQueueSize
if b.Config.Shipper.QueueSize != nil {
queueSize = *b.Config.Shipper.QueueSize
}
bulkQueueSize := defaultBulkQueueSize
if b.Config.Shipper.BulkQueueSize != nil {
bulkQueueSize = *b.Config.Shipper.BulkQueueSize
}
pb.Pub, err = publish.NewPublisher(b.Publisher, queueSize, bulkQueueSize)
if err != nil {
return fmt.Errorf("Initializing publisher failed: %v", err)
}
logp.Debug("main", "Initializing protocol plugins")
err = protos.Protos.Init(false, pb.Pub, cfg.Protocols)
if err != nil {
return fmt.Errorf("Initializing protocol analyzers failed: %v", err)
}
logp.Debug("main", "Initializing sniffer")
err = pb.setupSniffer()
if err != nil {
return fmt.Errorf("Initializing sniffer failed: %v", err)
}
return nil
}
// Setup packetbeat
func (pb *Packetbeat) Setup(b *beat.Beat) error {
if err := procs.ProcWatcher.Init(pb.PbConfig.Procs); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
pb.Sniff = new(sniffer.SnifferSetup)
queueSize := defaultQueueSize
if pb.PbConfig.Shipper.QueueSize != nil {
queueSize = *pb.PbConfig.Shipper.QueueSize
}
pb.Pub = publish.NewPublisher(b.Publisher, queueSize)
pb.Pub.Start()
logp.Debug("main", "Initializing protocol plugins")
for proto, plugin := range EnabledProtocolPlugins {
err := plugin.Init(false, pb.Pub)
if err != nil {
logp.Critical("Initializing plugin %s failed: %v", proto, err)
os.Exit(1)
}
protos.Protos.Register(proto, plugin)
}
var err error
icmpProc, err := icmp.NewIcmp(false, pb.Pub)
if err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
tcpProc, err := tcp.NewTcp(&protos.Protos)
if err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
udpProc, err := udp.NewUdp(&protos.Protos)
if err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
pb.over = make(chan bool)
logp.Debug("main", "Initializing sniffer")
err = pb.Sniff.Init(false, icmpProc, icmpProc, tcpProc, udpProc)
if err != nil {
logp.Critical("Initializing sniffer failed: %v", err)
os.Exit(1)
}
// This needs to be after the sniffer Init but before the sniffer Run.
if err = droppriv.DropPrivileges(config.ConfigSingleton.RunOptions); err != nil {
logp.Critical(err.Error())
os.Exit(1)
}
return err
}
