Configuring rolling packet capture settings

Use the Rolling Packet Capture Settings page on your Network IPS appliance to configure how the appliance captures and stores network packet information.

About this task

Navigating in IPS Local Management Interface: Secure Protection Settings > Response Tuning > Rolling Packet Capture Settings

Navigating in SiteProtector™ Management: select the Rolling Packet Capture Settings policy

To retrieve log evidence files and rolling packet capture files go to Review Analysis and Diagnostics > Downloads > Logs and Packet Captures.

Procedure
  1. Configure the following options:
    Option Description
    Enabled Enables the rolling packet capture tool.
    Maximum Files Specifies the maximum number of files the appliance stores. The default is 10.
    Note: When the tool reaches the maximum file number, it begins again with zero (0) and overwrites the existing files.
    Maximum File Size (in MB) Specifies the maximum file size. The default is 1.
    Interfaces Specifies the interfaces the tool captures data from. The default is all interfaces enabled.
    Packet Capture File Format Specifies the log file format. The default is pcap.
    Note: Choose pcap or sniffer.
  2. Apply your changes.