The Packets page provides access to packets captured when rules where triggered.
Topics:
- How do I select packets to view?
- How do I change the detail of the decodes?
- How do I download the captured packets?
How do I select packets to view?
The Filter option at the top of the screen controls the Class Type and SID of the captured packets displayed.
If no Class Type is selected, a list of the class types for which packets have been captured will be displayed. Select a Class Type, either by clicking on its entry in the list, or by setting the Class Type in the Filter bar. A list of rules for which packets have been captured will be displayed. Select a rule to display the packets captured for that rule.
How do I change the detail of the decodes?
In the packet capture view, an additional two options appear in the Filter bar, File allowing specific packet capture files to be selected and Detail controlling the detail level used when displaying captured packets.
How do I download the captured packets?
The Download link is provided that allows the packet capture file to be downloaded for analysis by another packet analyzer (the file is in the popular PCAP format supported by many packet analyzers).