08-24-2022 01:15 PM - edited 08-24-2022 01:22 PM
Hello Cisco Security Analytics Community,
Has anyone been able to download packet capture files in the .pcap format, from the Secure Analytics management center? I am looking to do so, for packets that were involved in past alarms that have triggered in the console. I saw that you can download this data, by setting up a live packet capturing session in the Flow Collector in central management at the Appliance Statistics page. It would be best however, if you can perform this operation for past collected and processed network telemetry as well.
Solved! Go to Solution.
08-24-2022 10:21 PM
Hello @davedvo,
Unfotunately, this is not possible with the "normal" features. You said correctly, you can monitor the live traffic on a FC and download the packages then. However, you can't get the traffic from an event.
But, if you want this happen, we can make this happen for you! Check out this one: https://packetcontinuum.nextcomputing.com/ciscosecurity/
Might this be what you're looking for?
Cheers!
08-24-2022 10:21 PM
Hello @davedvo,
Unfotunately, this is not possible with the "normal" features. You said correctly, you can monitor the live traffic on a FC and download the packages then. However, you can't get the traffic from an event.
But, if you want this happen, we can make this happen for you! Check out this one: https://packetcontinuum.nextcomputing.com/ciscosecurity/
Might this be what you're looking for?
Cheers!
08-25-2022 05:14 AM
Hi Good Morning @Philipp Tannich
Thanks a huge amount for the update to my question and the company that works with Cisco to allow for this feature to exist. I'll look into ordering an appliance form Packetcontinuum.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide