Take traffic captures
To analyze network traffic, first capture the traffic data.
Steps
Traffic Capture Task Properties dialog box
Use this dialog box to define settings for capturing traffic.
Option | Definition |
---|---|
Engine Interfaces and Filters | The engine interfaces to capture traffic from, and the filters used to limit the scope. |
Search | Opens a search field for the selected element list. |
Tools | |
Add | Opens the Select Engine Interface dialog box. |
Remove | Removes the selected Engine Interfaces and Filters from the list. |
Comment | An optional comment for your own reference. |
Maximum Duration | Specifies the maximum duration of the traffic capture. The duration is applied to all interfaces selected for the capture. The creation of the tcpdump file stops automatically once the maximum duration has been reached. |
Maximum File Size | Specifies the maximum size of the tcpdump file. The creation of the tcpdump file stops automatically once the maximum file size has been reached. |
Description (Optional) | Adds a description of the traffic capture. This description is included as a separate file in the traffic capture .zip file. |
Capture Headers Only (Optional) | When selected, includes only IP headers in the tcpdump files. Do not select this option if you want to include full packets in the capture. |
Include sgInfo (Optional) | When selected, includes system configuration files and system trace files in the traffic capture .zip file. It is important to include this information if you send the traffic capture to Forcepoint Customer Hub. |
Destination Path | |
Start Capture | Starts the traffic capture. |