Capture with AND logic

Forum|Forum|3 years ago
October 25, 2022
1 reply
1046 views

Dear All,

I should capture traffic between two host so AND logic is required. My problem is the cli diag sniffer would be a perfect tool but it cannot write captured packets to disk, while in the gui's network/capture packet can not make and AND logic between host :(

Is there any pure solution for a version 6.4? Or just some kind of log-the-terminal workaround?

thank you

FortiGate

amouawad

Staff

There are tools available to convert the CLI capture of diag sniffer into a PCAP file (which is what I'm guessing you're after?). Some examples can be found here:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-diagnose-sniffer-packet-data-to/ta-p/191727

https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-import-diagnose-sniffer-packet-data-to/ta-p/193335?externalID=FD30877

If you upgrade to 7.2 you can use the same CLI filters in the GUI:

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded