Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
marypoppins
New Contributor II

Created on ‎10-25-2022 03:42 AM

Capture with AND logic

Dear All,

 

I should capture traffic between two host so AND logic is required. My problem is the cli diag sniffer would be a perfect tool but it cannot write captured packets to disk, while in the gui's network/capture packet can not make and AND logic between host :(

Is there any pure solution for a version 6.4? Or just some kind of log-the-terminal workaround?

 

thank you

Labels:
332
0 Kudos
1 REPLY 1
amouawad
Staff
Staff

Created on ‎10-25-2022 04:00 AM Edited on ‎10-25-2022 04:01 AM

There are tools available to convert the CLI capture of diag sniffer into a PCAP file (which is what I'm guessing you're after?). Some examples can be found here:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-import-diagnose-sniffer-packet-data...

 

https://community.fortinet.com/t5/FortiGate/Technical-Note-How-to-import-diagnose-sniffer-packet-dat...

 

If you upgrade to 7.2 you can use the same CLI filters in the GUI:

amouawad_0-1666695577856.png

 

326
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.