Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
541
Views
5
Helpful
2
Replies

How to store " show capture "word' output

skmdimran
Level 1
Level 1

‎04-17-2011 06:23 AM - edited ‎03-11-2019 01:22 PM

Dear Concern ,

I have a cisco ASA 5505 . I need to store " show capture 'word' ( where is a variable) output  to syslog server for analyzing packet and port  .


Please help me

Imran

Labels:
0 Helpful
2 Replies 2

Shrikant Sundaresh
Cisco Employee
Cisco Employee

‎04-17-2011 07:27 AM

Hi Imran,

The Capture cannot be sent in the form of syslogs to the syslog server. However, you can extract the current capture from/to the syslog server in the following ways:

1. in the browser, type in https:///capture//pcap

You should have "http server enable" and allow access from syslog server "http 255.255.255.255 " on the ASA, before you can do this.

2. In the ASA command line, enter the command "copy /pcap capture: tftp" and fill in the prompts that follow. You should have a TFTP service running on the syslog server, in order to export the capture to the syslog server.

Once you get the file from either of the 2 ways, you can use something like wireshark to analyze the data.

I don't think there is a real time way to continuously export the capture onto the server.

Hope this helps.

-Shrikant

P.S.: Please mark the question as answered, if it has been resolved. Do rate helpful posts. Thanks.

skmdimran
Level 1
Level 1
In response to Shrikant Sundaresh

‎04-17-2011 11:23 PM

thanks for the reply , it will help me

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card