Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3065
Views
5
Helpful
1
Replies

How to capture packet via SourceFire GUI?

wihuang
Cisco Employee
Cisco Employee

‎06-30-2015 03:12 AM

Hi all,

I know that we can capture via CLI, but I am looking if we can use it via GUI.

Please help to provide the document if available.

 

Thanks,

Willy

Labels:
0 Helpful
1 Reply 1

pepiscop
Level 1
Level 1

‎09-28-2015 01:29 PM

Hello Willy,

 

Assuming you are working with Sourcefire's FireSight Management System, you may create a snort rule to define the traffic you would like to capture. Once the rule is triggered, navigate to Analysis > Intrusion > Events. From their select the events you would like the pcaps and click the download button.

Here is a guide which provides step by step instructions using screenshots:

http://www.cisco.com/c/en/us/support/docs/security/firesight-management-center/117892-technote-sourcefire-00.html

 

Let me know if it solved your issue!

 

- Peter

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card