Description
This article describes how the output of the 'diagnose sniff packet' command can be imported into Wireshark.
Scope
FortiGate.
Solution
In this example, the test unit is continuously pinging 8.8.8.8.
To check what is happening on the packet using Wireshark, follow these steps (Windows):
The FortiGate CLI packet sniffer started populating captures.
When finished, use Ctrl-C to stop the sniffer.
Related articles:
Troubleshooting Tip: Packet capture (CLI sniffer) tips and best practices
Troubleshooting Tip: Using the FortiOS built-in packet sniffer for capturing packets
Technical Tip: How to import 'diagnose sniffer packet' data to WireShark - Ethereal application
Third-Party Links:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.