Filter
Top Products
Brocade Network Advisor IP User Manual 1213
53-1003056-01
Chapter
38
Packet Capture (Pcap)
In this chapter
•Configuring packet captures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1213
Configuring packet captures
Organizations can configure switches as sensors to capture packets through the embedded sFlow
capability and send them back to the Management application, which acts as an sFlow collector.
The Management application then converts the sFlow data to Pcap format, which is understood by
a variety of open source products. The open source products can then provide valuable tools to
detect and defend against network attacks.
NOTE
Snort
®
is the only Pcap-aware tool supported by the Management application. For more information,
refer to “Snort message forwarding” on page 1166.
To configure packet captures (PCAP)-related properties, complete the following steps:
1. Select Configure > Packet Capture (Pcap).
The Configure Pcap dialog box, shown in Figure 506, displays.
FIGURE 506 Configure Pcap dialog box
2. Click the Convert sFlow to Pcap check box to convert sFlow data to PCAP-formatted packets.
3. Click the Enable Pcap check box to instruct the Management application to analyze the
PCAP-formatted packets.
4. Enter a value required by your PCAP-aware tool in the Replay Switch text box. This parameter is
used to send data to the PCAP-aware tool. The default value is -r.
5. Enter the full path of the command that will be invoked to launch the PCAP-aware tool into the
Pcap Tool Location text box.