Packet Capture Profile
Packet Capture (PCAP) captures data packets that are transmitted across the network, allowing for detailed analysis of the network traffic. PCAP can be used to monitor network traffic for signs of malicious activity by analyzing the captured packets, security systems can detect and respond to potential threats in real-time and allows you to reconstruct the sequence of events leading up to the incident and identify the source and nature of the attack. This information can be helpful in diagnosing a timeline or to troubleshoot events such as connectivity problems, latency, and packet loss.
Create a Packet Capture Profile
Use the following procedure to create a pack capture profile:
Procedure
Step 1 |
Navigate to . |
Step 2 |
Click Create. |
Step 3 |
Specify a unique Name. |
Step 4 |
(Optional) Enter a Description. This may help differentiate between other profiles with a similar name. |
Step 5 |
Specify a CSP Account. |
Step 6 |
The type of cloud service provider may determine the parameters for the storage bucket. Be aware of the following requirments per cloud service provider:
|
Step 7 |
Click Save. |
What to do next
Attach the profile to a policy rule set. See Rule Sets and Rule Set Groups for more information.