You can capture network traffic. The content of the packet capture provides a greater insight into the traffic which generated the log. With this feature activated, the Security Gateway sends a packet capture file with the log to the log server. You can open the file, or save it to a file location to retrieve the information a later time.
For some blades, the packet capture option is activated by default in Threat Policy.
To deactivate packet capture (in Threat Policy only):
To see a packet capture:
The Packet Capture opens in a program associated with the file type.