EasyManuals Logo

Cisco Catalyst 4500 Series Administration Guide

Cisco Catalyst 4500 Series
1814 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1502 background imageLoading...
Page #1502 background image
59-14
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
OL_28731-01
Chapter 59 Configuring Wireshark
Monitoring Wireshark
Activating and Deactivating a Capture Point
A capture point cannot be activated unless an attachment point and a core system filter have been defined
and the associated filename (if any) does not already exist. A capture point with no associated filename
can only be activated to display. If no capture or display filters are specified, all of the packets captured
by the core system filter are displayed. The default display mode is brief.
To activate or deactivate a capture point, perform these tasks:
Configuring Wireshark on VSS
To configure Wireshark in the VSS standby switch, use the remote login command:
Switch_VSS# remote login module 11
Connecting to standby virtual console
Type "exit" or "quit" to end this session
Switch_VSS-standby-console# monitor capture mycap match any interface gi2/1/1 in file
location bootflash:text.pcap
Monitoring Wireshark
The commands in the following table are used to monitor Wireshark.
Command Purpose
monitor capture name start [capture-filter filter-string]
[display [display-filter filter-string]] [brief | detailed |
dump]
monitor capture name stop
Example:
Switch# monitor capture mycap start capture-filter
"net 10.1.1.0 0.0.0.255 and port 80"
Switch# monitor capture mycap start display
display-filter "net 10.1.1.0 0.0.0.255 and port
80"
Activates a capture point.
Deactivates a capture point.
Table 59-2 Wireshark Monitoring Commands
Command Purpose
show monitor capture point name
Displays the capture point state so that you can see what capture points
are defined, what their attributes are, and whether they are active. When
capture point name is specified, it displays specific capture point's
details.
show monitor capture file name
[display-filter filter-string] [brief |
detailed | dump]
Activates Wireshark using an existing .pcap file as the source for
packets. If no display filter is specified, all of the packets in the file are
displayed. The default display mode is brief.

Table of Contents

Other manuals for Cisco Catalyst 4500 Series

Preview: Manual
Manual19 pages
Preview: Command Reference Guide
Command Reference Guide1230 pages
Preview: System Message Guide
System Message Guide150 pages
Preview: Configuration Guide
Configuration Guide1610 pages
Preview: Software Configuration Guide
Software Configuration Guide2086 pages
Preview: Message Guide
Message Guide146 pages
Preview: Installation Guide
Installation Guide194 pages
Preview: Datasheet
Datasheet11 pages
Preview: Overview
Overview46 pages
Preview: Quick Reference Guide
Quick Reference Guide59 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General IconGeneral
SeriesCatalyst 4500 Series
CategorySwitch
Layer SupportLayer 2, Layer 3
Form FactorModular chassis
StackableNo
Chassis Slots3, 6, 7, 10
Power Supply OptionsAC, DC
RedundancyPower supply, Supervisor engine
Network ManagementCisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
FeaturesSecurity, QoS
Port DensityUp to 384 ports per chassis
Security Features802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine8-E

Related product manuals