Packet Capture

You can capture network traffic. The content of the packet capture provides a greater insight into the traffic which generated the log. With this feature activated, the Security Gateway sends a packet capture file with the log to the log server. You can open the file, or save it to a file location to retrieve the information a later time.

For some blades, the packet capture option is activated by default in Threat Policy.

To deactivate packet capture (in Threat Policy only):

1. In SmartConsole, in the Security Policies view
2. In the Track column of the rule, right-click and clear Packet Capture.

To see a packet capture:

1. In SmartConsole, go to the Logs & Monitor view.
2. Open the log.
3. Click the link in the Packet Capture field.

   The Packet Capture opens in a program associated with the file type.

4. Optional - Click Save to save the packet capture data on your computer.