Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2403
Views
20
Helpful
2
Replies

Firepower CLI: Capture vs. Capture-Traffic

Go to solution
cpaquet
Level 1
Level 1

‎09-02-2020 05:48 PM

Would someone help me understand the difference of: > capture     and > capture-traffic.  When would I use one over the other?  

The only differences I see are:

1. capture focuses on one interface

2. capture-traffic can be much more verbose, and has dozens of options to augment the granularity of information.

 

Anything else?  Am I missing something?

 

Thanks.

Cath.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-02-2020 08:53 PM

The commands differentiate between a LINA (ASA subsystem) type capture at the ingress or egress interface vs a Snort capture which happens after the packets are passed to the Snort subsystem via the DAQ.

Firepower capture types.PNG

View solution in original post

2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎09-02-2020 08:53 PM

The commands differentiate between a LINA (ASA subsystem) type capture at the ingress or egress interface vs a Snort capture which happens after the packets are passed to the Snort subsystem via the DAQ.

Firepower capture types.PNG

Go to solution
cpaquet
Level 1
Level 1
In response to Marvin Rhoads

‎09-03-2020 02:28 PM

Wow.  Outstanding explanation Marvin.  Could you become the Writer-in-Chief of the Command Reference Guide for Firepower? ;)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card