Packet capture (pcap), Configuring packet captures, Chapter 39 – Brocade Network Advisor IP User Manual v12.3.0 User Manual
Page 1399: Chapter 39, “packet capture (pcap)
Brocade Network Advisor IP User Manual
1347
53-1003153-01
Chapter
39
Packet Capture (Pcap)
In this chapter
•
Configuring packet captures
Organizations can configure switches as sensors to capture packets through the embedded sFlow
capability and send them back to the Management application, which acts as an sFlow collector.
The Management application then converts the sFlow data to Pcap format, which is understood by
a variety of open source products. The open source products can then provide valuable tools to
detect and defend against network attacks.
NOTE
Snort
®
is the only Pcap-aware tool supported by the Management application. For more information,
refer to
To configure packet captures (PCAP)-related properties, complete the following steps:
1. Select Configure > Packet Capture (Pcap).
The Configure Pcap dialog box, shown in
, displays.
FIGURE 573
Configure Pcap dialog box
2. Click the Convert sFlow to Pcap check box to convert sFlow data to PCAP-formatted packets.
3. Click the Enable Pcap check box to instruct the Management application to analyze the
PCAP-formatted packets.
4. Enter a value required by your PCAP-aware tool in the Replay Switch text box. This parameter is
used to send data to the PCAP-aware tool. The default value is -r.
5. Enter the full path of the command that will be invoked to launch the PCAP-aware tool into the
Pcap Tool Location text box.