Hello, It appears that the packet filter was defined, but not enabled. This would cause the filter to be ignored and all traffic to be logged. To enable the filter use the command: debug dataplane packet-diag set filter on A helpful step to avoid load issues when doing captures and packet-diag logging is to always view counter output against the packet filter prior to enabling either a capture or log. You can do this with the command: show counter global filter delta yes packet-filter yes Run the above command a few times and look at the pkt_recv rate. Any value above 500 for logging, or above 1000 for a capture could potentially cause load issues on a 5000 series firewall. You should refine the filter to decrease the number of sessions being captured or logged to reduce the rate. Thanks, -- Kevin
... View more