Security Profile Packet Captures FAQs
For Antivirus, Anti-Spyware, and Vulnerability profiles that have packet capture enabled:
- Does the capture use packet filters previously defined in the CLI or WebUI, or something else?
Answer: No, it does not use previously defined packet filters. The packet capture is particular to the traffic that matched the threat signature that triggered the capture.
- For how long does the packet capture run?
Answer: The device will only capture what matches the threat signature. It will not capture the full session.
- Does the packet capture need to be manually turned off?
Answer: It does not need to be manually turned off. It will end once the traffic that matches the threat signature has been captured.