Daily packet capture limit

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Daily packet capture limit

L2 Linker

Hello everybody,

can somebody tell me, what this log entry means.

And is it possible to change this limit?

Apr  8 19:24:26

19:24:26,,SYSTEM,general,0,2011/04/08

19:24:26,,general,,0,0,general,high,"Daily packet capture limit (directory threat/20110408\, limit 131072) has been reached."

Reagrds

Christian

2 REPLIES 2

L4 Transporter

Christian,

There is no way to change the limit. Most likely there is not much value here either. You are probably capturing the same packet multiple times as the threat tries repeatedly to to contact its endpoint. It is time to start tuning your firewall and get selective about what you actually log.

Steve Krall

Hi Steve,

I got the same error message.

I will investigate to see what we can not do a packet capture on.

How long is the packet captures retained in the Palo Alto Device? Daily?

Can you confirm? I will look at the documentation as well to see.

Thanks.

Brian

  • 3615 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!