Application PCAPs are organized by a directory/filename structure where the directory is a date in
yyyymmdd
format. Filenames for application pcaps use a
SourceIP-SourcePort-DestinationIP-DestinationPort-SessionID.pcap
format.
Application PCAP file by name using the
from
parameter.
https://firewall/api/?type=export&category=application-pcap&from=yyyymmdd/filename
The file will be retrieved and saved locally using the name yyyymmdd-filename.
Application PCAP file saved locally with a custom name using the
to
parameter.
To export threat PCAPs, you need to provide the PCAP ID from the threat log and the search time, which is the time that the PCAP was received on the firewall. Threat PCAP filenames use a
pcapID.pcap
format.
