EasyManua.ls Logo

Cisco Catalyst 4500 Series - Example 3: Using Buffer Capture

Cisco Catalyst 4500 Series
1610 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
56-19
Software Configuration Guide—Release IOS XE 3.3.0SG and IOS 15.1(1)SG
OL-25340-01
Chapter 56 Configuring Wireshark
Usage Examples for Wireshark
Source IP: any
Destination IP: any
Protocol: any
File Details:
Associated file name: bootflash:mycap.pcap
Buffer Details:
Buffer Type: LINEAR (default)
Limit Details:
Number of Packets to capture: 100
Packet Capture duration: 60
Step 3 Launch packet capture.
Switch# monitor capture mycap start
Step 4 After sufficient time has passed, stop the capture.
Switch# monitor capture mycap stop
Note Alternatively, you can allow the capture operation stop automatically after the time has elapsed
or the packet count has been met.
The mycap.pcap file now contains the captured packets.
Step 5 Display the packets.
Switch# show monitor capture file bootflash:mycap.pcap
0.000000 10.1.1.30 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
1.000000 10.1.1.31 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
2.000000 10.1.1.32 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
3.000000 10.1.1.33 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
4.000000 10.1.1.34 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
5.000000 10.1.1.35 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
6.000000 10.1.1.36 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
7.000000 10.1.1.37 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
8.000000 10.1.1.38 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
9.000000 10.1.1.39 -> 20.1.1.2 UDP Source port: 20001 Destination port: 20002
Step 6 Delete the capture point.
Switch# no monitor capture mycap
Example 3: Using Buffer Capture
This example shows how to use buffer capture:
Step 1 Launch a capture session with the buffer capture option:
Switch# monitor capture mycap interface gi 3/1 in
Switch# monitor capture mycap match ipv4 any any
Switch# monitor capture mycap buffer circular size 1
Switch# monitor capture mycap start
Step 2 Determine whether the capture is active.
Switch# show monitor capture mycap
Status Information for Capture mycap
Target Type:
Interface: GigabitEthernet3/1, Direction: in

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Administration Guide
Administration Guide1814 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Message Guide
Message Guide146 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages
Preview: Datasheet
Datasheet11 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Overview
Overview46 pages

Related product manuals