End-of-Life (EoL)
You can export packet captures from the firewall by specifying the PCAP type using the category parameter:
Export Application PCAPS
Application PCAPs are organized by a directory/filename structure where the directory is a date in yyyymmdd format. Filenames for application pcaps use a SourceIP-SourcePort-DestinationIP-DestinationPort-SessionID.pcap format.
Application PCAP Type API Request
Application PCAP directory list. https://firewall/api/?type=export&category=application-pcap
List of files under a directory using the from parameter to indicate date. https://firewall/api/?type=export&category=application-pcap&from=yyyymmdd
Application PCAP file by name using the from parameter. https://firewall/api/?type=export&category=application-pcap&from=yyyymmdd/filename The file will be retrieved and saved locally using the name yyyymmdd-filename.
Application PCAP file saved locally with a custom name using the to parameter. https://firewall/api/?type=export&category=application-pcap&from=yyyymmdd/filename&to=localfile
Export Threat, Filter, and Data Filtering PCAPs
To export threat PCAPs, you need to provide the PCAP ID from the threat log and the search time, which is the time that the PCAP was received on the firewall. Threat PCAP filenames use a pcapID.pcap format.
PCAP Type API Request
Threat PCAP using PCAP ID and search https://firewall/api/?type=export&category=threat-pcap&pcap-id=id&search-time= yyyy/mm/dd hr:min:sec
List of filtered PCAPs https://firewall/api/?type=export&category=filters-pcap
Specific filtered PCAP file https://firewall/api/?type=export&category=filters-pcap&from=filename
List of data filtering PCAP file names https://firewall/api/?type=export&category=dlp-pcap&dlp-password=password
Specific data filtering PCAP file https://firewall/api/?type=export&category=dlp-pcap&dlp-password=password&from=filename&to=localfile

Recommended For You