Technical Tip : How to capture the whole packets when 'Packet size is limited during capture' is seen on the captured packets

1) Use the command below to capture the whole packets and save it on a file.

# diag sniffer packet any '<filter>' 6 0 snaplen

Example:

# FortiGate-VM64-AWS # diagnose sniffer packet any 'host 8.8.8.8' 6 0 l snaplen
    Using Original Sniffing Mode interfaces=[any] filters=[host      8.8.8.8]
    pcap_snapshot: snaplen raised from 0 to 262144 2022-05-17        03:03:12.599435 port1 out 172.31.0.132 -> 8.8.8.8: icmp:         echo request
....

2) Convert the file to pcap by following the below article.

https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-import-diagnose-sniffer-packet-data-to/ta-p/193335?externalID=FD30877