Protocol-Specific Metrics
Packetbeat exposes per-protocol metrics under the HTTP monitoring endpoint . These metrics are exposed under the /inputs/ path. They can be used to observe the activity of Packetbeat for the monitored protocol.
Metric
Description
deviceName of the device being monitored.
socket_packetsNumber of packets delivered by the kernel to the shared buffer.
socket_dropsNumber of packets dropped by the kernel on the socket.
socket_queue_freezesNumber of kernel queue freezes on the socket.
packetsNumber of packets handled by Packetbeat.
pollsNumber of blocking syscalls made waiting for packets.
Metric
Description
deviceName of the device being monitored.
received_events_totalNumber of packets processed.
received_bytes_totalNumber of bytes processed.
tcp_overlapsNumber of packets shrunk due to overlap.
tcp.dropped_because_of_gapsNumber of packets dropped because of gaps.
arrival_periodHistogram of the elapsed time between packet arrivals.
processing_timeHistogram of the elapsed time between packet receipt and publication.
fin_flags_totalNumber of TCP FIN (finish) flags observed.
syn_flags_totalNumber of TCP SYN (synchronization) flags observed.
rst_flags_totalNumber of TCP RST (reset) flags observed.
psh_flags_totalNumber of TCP PSH (push) flags observed.
ack_flags_totalNumber of TCP ACK (acknowledgement) flags observed.
urg_flags_totalNumber of TCP URG (urgent) flags observed.
ece_flags_totalNumber of TCP ECE (ECN echo) flags observed.
cwr_flags_totalNumber of TCP CWR (congestion window reduced) flags observed.
ns_flags_totalNumber of TCP NS (nonce sum) flags observed.
received_headers_totalNumber of headers observed, including unprocessed packets.
Metric
Description
deviceName of the device being monitored.
received_events_totalNumber of packets processed.
received_bytes_totalNumber of bytes processed.
arrival_periodHistogram of the elapsed time between packet arrivals.
processing_timeHistogram of the elapsed time between packet receipt and publication.
