Use the Rolling Packet Capture Settings page
on your Network
IPS appliance
to configure how the appliance captures and stores network packet
information. Use the files recorded by this feature and the log evidence
feature for forensic research and troubleshooting.
About this task
Navigating in the IPS Local Management Interface:
Navigating in SiteProtector™ Management: select the Rolling
Packet Capture Settings policy
To
retrieve log evidence files and rolling packet capture files, go to .
Procedure
- Configure the following options:
Option |
Description |
Enabled |
Enables the rolling packet capture feature. |
Maximum Files |
Specifies the maximum number of files that the appliance stores.
The default is 10. Note: When the feature reaches
the maximum file number, it begins again with zero (0) and overwrites
the existing files.
|
Maximum File Size (in MB) |
Specifies the maximum file size. The default is 1. |
Interfaces |
Specifies the interfaces from where the feature captures data.
The default is all interfaces. |
Packet Capture File Format |
Specifies the log file format. The default format is pcap but
you can choose sniffer. |
- Apply your changes.