December 28, 2021

Technical Tip: How to enable the sniffer from the CLI to capture packets

Description

This article describes how to run the sniffer command on the FortiGate CLI to save the captured packets.

Scope

FortiGate.

Solution

Use the following CLI configuration to set up the sniffer. The packets it captures can be analyzed later.


# config firewall sniffer
    edit <id>
        set status enable
        set logtraffic utm
        set ipv6 disable
        set non-ip disable
        set interface ''
        set host ''
        set port ''
        set protocol ''
        set vlan ''
        set application-list-status disable
        set ips-sensor-status disable
        set dsri disable
        set av-profile-status disable
        set webfilter-profile-status disable
        set emailfilter-profile-status disable
        set dlp-sensor-status disable
        set ip-threatfeed-status disable
        set file-filter-profile-status disable
        set ips-dos-status disable
        set max-packet-count 4000
    next
end


For example, to capture packets for 4.2.2.2, the configuration is as follows.


# config firewall sniffer
    edit <id>
        set interface dmz
        set host 4.2.2.2
        set protocol 1
    next
end


Once this is configured, the capture can be started from the GUI under Network -> Packet Capture whenever needed.
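
To review which sniffers are defined and how narrowly each one is filtered, the following added example (not from the original article or from Fortinet) parses a `config firewall sniffer` block in the syntax shown above and lists the enabled entries that have no host, port, protocol or VLAN filter. The sample configuration is constructed, and treating those four options as the capture filters is an assumption of this example.

```python
import shlex

# Constructed sample in the article's syntax; not taken from a real device.
SAMPLE = """\
# config firewall sniffer
    edit 1
        set status enable
        set interface dmz
        set host 4.2.2.2
        set protocol 1
    next
    edit 2
        set status enable
        set interface port1
        set host ''
        set port ''
        set protocol ''
    next
end
"""
FILTER_KEYS = ("host", "port", "protocol", "vlan")  # assumed to be the capture filters

def parse_sniffers(text):
    """Return {entry_id: {option: value}} from a 'config firewall sniffer' block."""
    entries, current, inside, depth = {}, None, False, 0
    for raw in text.splitlines():
        tokens = shlex.split(raw.strip().lstrip("# "))  # drop the CLI prompt
        if not tokens:
            continue
        if not inside:
            inside = tokens == ["config", "firewall", "sniffer"]
        elif tokens[0] == "config":      # nested sub-table inside an entry
            depth += 1
        elif tokens[0] == "end":
            if depth == 0:
                break                    # end of the sniffer table
            depth -= 1
        elif depth == 0 and tokens[0] == "edit" and len(tokens) > 1:
            current = entries.setdefault(tokens[1], {})
        elif depth == 0 and tokens[0] == "next":
            current = None
        elif depth == 0 and tokens[0] == "set" and current is not None and len(tokens) > 1:
            current[tokens[1]] = " ".join(tokens[2:])
    return entries

def unfiltered(entries):
    """IDs of enabled sniffers with every filter option empty or absent."""
    return [eid for eid, opts in entries.items() if opts.get("status") == "enable"
            and not any(opts.get(key) for key in FILTER_KEYS)]
```

Calling `unfiltered(parse_sniffers(SAMPLE))` reports entry 2, the enabled sniffer whose filters are all empty.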