 | 1 | initial version |
The Elasticsearch dissector uses UDP port 54328 and TCP port 9300 by default. UDP and TCP packets using these ports run the risk of being mislabeled like this. Simplest way to solve this, since you do not deploy Elasticsearch, is to simple disable the Elasticsearch protocol, through the menu Analyze | Enabled protocols..., search for Elasticsearch in that dialog and uncheck the protocol.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
