Hi guys,

I have been working on a Wireshark dissector for elasticsearch. This allows you to more intelligently debug elasticsearch problems at the network level. I have been working in my own branch of Wireshark and will be getting it merged in the official distribution as soon as I can get some feedback from you guys!

Here is a sneak peek so far:

<https://lh6.googleusercontent.com/-IUSq-Wh-E-c/VDh9FVycl8I/AAAAAAAAAIg/Ad_qXH3qgKs/s1600/es_discovery.png>
<https://lh6.googleusercontent.com/-T0DBxs0s4nw/VDh9NemE8uI/AAAAAAAAAIo/gtw3t2RT98Y/s1600/dissect_action.png>
<https://lh3.googleusercontent.com/-q1kZ_WwvDT0/VDh9T9iTrwI/AAAAAAAAAIw/4_nujAWABkU/s1600/dissect_track_request_id.png>
<https://lh6.googleusercontent.com/-jIlhal5E1QY/VDh9a7oGgSI/AAAAAAAAAI4/cG69wSp7d00/s1600/dissect_http_elasticsearch.png>

It'd be great if I could get some others to test this out before I get it into the official Wireshark tree. It *should* support versions of ES > V0.20.0RC1 (I have been testing against the latest as of writing and I don't think the binary protocol has changed since then).

You can get it at *https://github.com/ryandoyle/wireshark.git* on the branch *es_dissector*. Build instructions are at https://www.wireshark.org/docs/wsdg_html_chunked/ChSrcBuildFirstTime.html. It's the usual ./configure && make && make install type deal.

There are some limitations currently, so on the to-do list is the following:

- Dissect the whole packet for request/response packets.
- Decompress compressed packets
- Track request/response IDs so you can back reference a response to a request and vice versa
- *Maybe* support older versions

I'll update you once it's merged and/or I get feedback from you guys.

Cheers!
Ryan
