1. Home
    2. PAN-OS
    3. PAN-OS® and Panorama™ API Guide
    4. PAN-OS XML API Request Types
    5. Export Files (API)
    6. Export Packet Captures
    7. Export Threat, Filter, and Data Filtering PCAPs
    End-of-Life (EoL)

    Export Threat, Filter, and Data Filtering PCAPs

    To export threat PCAPs, you need to provide the PCAP ID from the threat log and the search time, which is the time that the PCAP was received on the firewall. Threat PCAP filenames use a
    pcapID.pcap
     format.
    PCAP Type
    API Request
    Threat PCAP using PCAP ID, device name, session ID, and search
    
								
    curl -X GET "https://<firewall>/api/?key=<apikey>&type=export&category=threat-pcap&pcap-id=<id>&device_name=<device name>&sessionid=<session id>&search-time=<yyyy/mm/dd+hr:min:sec>"
    In version 9.0.7 or later, PAN-OS firewalls don’t require sessionid and devicename to export threat PCAPs.
    List of filtered PCAPs
    
								
    curl -X GET "https://<firewall>/api/?key=<apikey>&type=export&category=filters-pcap"
    Specific filtered PCAP file
    
								
    curl -X GET "https://<firewall>/api/?key=<apikey>&type=export&category=filters-pcap&from=<filename>"
    List of data filtering PCAP file names
    
								
    curl -X GET "https://<firewall>/api/?key=<apikey>&type=export&category=dlp-pcap&dlp-password=<password>"
    Specific data filtering PCAP file
    
								
    curl -X GET "https://<firewall>/api/?key=<apikey>&type=export&category=dlp-pcap&dlp-password=<password>&from=<filename>&to=<localfile>"

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2022 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo