Packet Capture instance within Details of Traffic Log

Reply
Highlighted
L4 Transporter

Packet Capture instance within Details of Traffic Log

Hello,

What is the significance of the "green down arrow" packet capture within the "Details" field of the Traffic Log? We have no packet capture defined and it only shows up randomly for certain connections.  Is this an automatic output if there are issues within the session? Thanks!

Cheers,

Mike

L4 Transporter

Re: Packet Capture instance within Details of Traffic Log

The segmented down arrow represents a packet capture, this would be something that you or somebody who might have access to your PAN setup. It can be done via policy or from within the CLI. When you do see these they represent a specific packet type often unique to a given application. Look at your app filter as this is the most common usage.

~Phil

L4 Transporter

Re: Packet Capture instance within Details of Traffic Log

In this case - it's not a defined application in the rule.  It's a defined port.  Also I never setup packet capture on this device - neither cli or policy.  And the down arrow is random - only shows up once in a while.  That's why I thought perhaps it was auto creating a capture based on an event happening.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!