FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article provides command to collect the sniffer ESP and Interesting traffic on single command line window or in SSH session.

To collect the packet capture of ESP and Interesting traffic for example ICMP, enable the following sniffer command format.
# diag sniffer packet any "(host <VPN peer IP> and esp) or (host <IP address of the remote machine > and protocol)" 6 0 a
Example :

1) In the below example ICMP traffic generated with ESP filter.
FGT91E-1 (root) # diagnose sniffer packet any "(host and esp) or (host and icmp)" 4 0 a

filters=[(host and esp) or (host and icmp)]
2021-03-31 10:38:08.536928 test1 out -> icmp: echo request
2021-03-31 10:38:08.536965 wan1 out -> ESP(spi=0x1c35548f,seq=0x11)
2021-03-31 10:38:08.536972 eth0 out -> ESP(spi=0x1c35548f,seq=0x11)
2021-03-31 10:38:08.537181 wan1 in -> ESP(spi=0x1b6c18f7,seq=0xc)
2021-03-31 10:38:08.537208 test1 in -> icmp: echo reply