visibility packet-capture capture-config¶
Packet Capture-Configuration
capture-config Specification¶
Type
Collection
Object Key(s)
name
Collection Name
Collection URI
/axapi/v3/visibility/packet-capture/capture-config
Element Name
capture-config
Element URI
/axapi/v3/visibility/packet-capture/capture-config/{name}
Element Attributes
capture-config_attributes
Statistics Data URI
/axapi/v3/visibility/packet-capture/capture-config/{name}/stats
Schema
Operations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/visibility/packet-capture/capture-config | ||
Create List | POST | /axapi/v3/visibility/packet-capture/capture-config | ||
Get Object | GET | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Get List | GET | /axapi/v3/visibility/packet-capture/capture-config | ||
Modify Object | POST | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Replace Object | PUT | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Replace List | PUT | /axapi/v3/visibility/packet-capture/capture-config | ||
Delete Object | DELETE | /axapi/v3/visibility/packet-capture/capture-config/{name} |
capture-config-list¶
capture-config-list is JSON List of capture-config attributes
capture-config-list : [
]
capture-config attributes¶
concurrent-captures
Description Enable and specify maximum concurrent 3 tuple filter based captures in seperate pcaps.
Type: number
Range: 1-5000
Mutual Exclusion: concurrent-captures and concurrent-conn-tag are mutually exclusive
concurrent-captures-age
Description Specify the time in minutes upto which a 3 tuple filter based capture will be kept active(default 1)
Type: number
Range: 1-10
Default: 1
concurrent-conn-per-capture
Description Specify maximum number of concurrent connnections(5 tuple matches) to be captured within in a 3 tuple based capture. (default 1
Type: number
Range: 1-1000
Default: 100
concurrent-conn-tag
Description Enable and specify maximum concurrent connnections(only 5 tuple based) to be captured in common pcaps.
Type: number
Range: 1-1000
Mutual Exclusion: concurrent-conn-tag and concurrent-captures are mutually exclusive
create-pcap-files-now
Description Operational command to force create temporary pcapng files before completion (for global/non 3 tuple based captures)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable
Description Disable packet capture (default enabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-auto-merge
Description Disable auto merging per CPU pcapng files(default enabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-continuous-global-capture
Description Enable continuous capture of packets for the global capture(non 3 tuple based capture) overriding size limits
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
file-count
Description Specify the number of continuous pcapng files that can be created for capturing packets (default 10)
Type: number
Range: 1-50
Default: 10
file-size
Description Specify pcapng filesize in MB, Will be distributed per CPU (default 1)
Type: number
Range: 1-300
Default: 1
keep-pcap-files-after-merge
Description Keep original per CPU pcapng files after auto merging pcapng files(default disabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Specify the name of the capture-config
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
number-of-packets-per-capture
Description Specify Maximum number of packets per global or dynamic capture (default 0 unlimited)
Type: number
Range: 0-1000
Default: 0
number-of-packets-per-conn
Description Specify maximum number of packets to be captured in a 5 tuple based connection (default 0 unlimited).
Type: number
Range: 0-1000
Default: 0
number-of-packets-total
Description Specify Maximum number of packets for all captures (default 0 unlimited)
Type: number
Range: 0-15000
Default: 0
packet-length
Description Packet length in Bytes to capture (Default 128)
Type: number
Range: 64-1518
Default: 128
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
stats data¶
Counter |
Size |
Description |
|
|---|---|---|---|
Concurrent-capture-by-ctr-anomaly-freed |
8 |
Dynamic Capture(ctr anomaly based) freed |
|
pktcapture-triggered-by-other-feature |
8 |
Capture triggered by Other feature |
|
num-conns-tagged-increment |
8 |
Conn tag success (based on ctr increment, dynamic) |
|
Concurrent-capture-create-failed-by-other-feature |
8 |
Error, Dynamic Capture(Other feature based) create failed |
|
pktcapture-with-no-conn-failure |
8 |
Capture fail, Packets without conn |
|
num-conns-tagged-global-other-feature |
8 |
Conn tag success (based on Other feature, Global) |
|
num-global-counters-deregistered |
8 |
Number of global objects deregistered |
|
num-of-anomalies-cleared |
8 |
Number of times ctr Anomaly cleared |
|
auto-pcap-file-merged |
8 |
Auto pcapng files merged |
|
num-conns-tagged-global-increment |
8 |
Conn tag success (based on ctr increment, Global) |
|
conn-ext-failed |
8 |
Error, Conn extension creation fail |
|
num-tmp-pcaps-created |
8 |
Number of temporary pcapng files created |
|
pktcapture-with-conn-success-global |
8 |
Capture success, Packets with tagged conn (global capture) |
|
num-conns-tagged-increment-fail |
8 |
Conn tag fail (based on ctr increment, dynamic) |
|
num-conns-tagged-global-increment-maxed |
8 |
Conn tag fail, reached limit (based on ctr increment, Global) |
|
num-pcaps-created |
8 |
Number of pcapng files created |
|
num-conns-untagged |
8 |
Number of conns untagged (done with conn limit or capture) |
|
num-conns-tagged-global-anomaly-fail |
8 |
Conn tag fail (based on ctr anomaly, Global) |
|
num-conns-tagged-increment-maxed |
8 |
Conn tag fail, reached limit (based on ctr increment, dynamic) |
|
num-conns-tagged-global-anomaly |
8 |
Conn tag success (based on ctr anomaly, Global) |
|
Concurrent-capture-create-failed-oom |
8 |
Error, Dynamic Capture create failed, OOM |
|
num-global-counters-registered |
8 |
Number of global objects registered |
|
failed-disk-full |
8 |
Error, Capture fail, Disk limit reached |
|
num-of-anomalies-detected |
8 |
Number of times ctr Anomaly detected |
|
Global-capture-finished |
8 |
Number of times global capture finished capturing |
|
Concurrent-capture-by-ctr-other-feature-freed |
8 |
Dynamic Capture(Other feature based) freed |
|
num-conns-tagged-other-feature-fail |
8 |
Conn tag fail (based on Other feature, dynamic) |
|
num-per-object-counters-deregistered |
8 |
Number of per instance objects deregistered |
|
Concurrent-capture-created-by-ctr-anomaly |
8 |
Dynamic 3 tuple based capture created (ctr anomaly based) |
|
Concurrent-capture-by-ctr-increment-freed |
8 |
Dynamic Capture(ctr increment based) freed |
|
num-per-object-counters-registered |
8 |
Number of per instance objects registered |
|
pktcapture-failure-file-size-rchd |
8 |
Capture fail, file size reached |
|
num-conns-tagged-other-feature-maxed |
8 |
Conn tag fail, reached limit (based on Other feature, dynamic) |
|
non-pkt-path |
8 |
Skip capturing, not packet processing path |
|
pktcapture-failure-wait-for-block |
8 |
Capture fail, waiting to get free buffer |
|
failed-as-return-completed-set |
8 |
Skip capturing, capture-config marked completed |
|
pktcapture-with-conn-failure-global |
8 |
Capture fail, Packets with tagged conn (global capture) |
|
num-conns-tagged-global-anomaly-maxed |
8 |
Conn tag fail, reached limit (based on ctr anomaly, Global) |
|
Concurrent-capture-create-failed-by-ctr-increment |
8 |
Error, Dynamic Capture(ctr increment based) create failed |
|
pktcapture-with-conn-but-not-tagged-success |
8 |
Capture success, Packets with untagged conn |
|
num-dynamic-capture-config-delete-q |
8 |
num-dynamic-capture-config-delete-q |
|
num-conns-tagged-global-increment-fail |
8 |
Conn tag fail (based on ctr increment, Global) |
|
auto-pcap-file-merged-failed |
8 |
Auto pcapng files merged failed |
|
pktcapture-triggered-by-increment |
8 |
Capture triggered by counter increment |
|
pktcapture-with-conn-success |
8 |
Capture success, Packets with tagged conn (dynamic capture) |
|
Concurrent-capture-create-failed-by-ctr-anomaly |
8 |
Error, Dynamic Capture(ctr anomaly based) create failed |
|
num-conns-tagged-other-feature |
8 |
Conn tag success (based on Other feature, dynamic) |
|
Concurrent-capture-finished |
8 |
Number of Dynamic captures(3 tuple based) finished capturing |
|
skip-as-conn-already-recapture |
8 |
Skip creating capture, conn was already captured |
|
num-pcaps-create-failed |
8 |
Error, Number of pcapng files creation failed |
|
pktcapture-with-no-conn-success |
8 |
Capture success, Packets without conn |
|
pktcapture-with-conn-but-not-tagged-failure |
8 |
Capture fail, Packets with untagged conn |
|
num-conns-tagged-anomaly |
8 |
Conn tag success (based on ctr anomaly, dynamic) |
|
num-conns-tagged-global-other-feature-maxed |
8 |
Conn tag fail, reached limit (based on Other feature, Global) |
|
num-conns-tagged-global-other-feature-fail |
8 |
Conn tag fail (based on Other feature, Global) |
|
Concurrent-capture-limit-reached |
8 |
Dynamic Capture configured concurrent limit reached |
|
wrong-ctr-incremented |
8 |
Counter increment issue |
|
Concurrent-capture-created-by-ctr-increment |
8 |
Dynamic 3 tuple based capture created (ctr increment based) |
|
num-conns-tagged-anomaly-fail |
8 |
Conn tag fail (based on ctr anomaly, dynamic) |
|
pktcap-oom |
8 |
Error, Automated Packet capture infra OOM |
|
num-dynamic-capture-config-created |
8 |
Number of dynamic capture-config created |
|
num-dynamic-capture-config-deleted |
8 |
Number of dynamic capture-config deleted |
|
pkt-already-captured |
8 |
Skip capturing, packet already captured |
|
pktcapture-with-conn-failure |
8 |
Capture fail, Packets with tagged conn (dynamic capture) |
|
num-conns-tagged-anomaly-maxed |
8 |
Conn tag fail, reached limit (based on ctr anomaly, dynamic) |
|
skip-capture-as-conn-created-before-smp |
8 |
Skip capturing, conn was created before the capture started |
|
pktcapture-triggered-by-anomaly |
8 |
Capture triggered by counter anomaly |