visibility packet-capture capture-config¶
Packet Capture-Configuration
capture-config Specification¶
Type Collection Object Key(s) name Collection Name capture-config-list Collection URI /axapi/v3/visibility/packet-capture/capture-config Element Name capture-config Element URI /axapi/v3/visibility/packet-capture/capture-config/{name} Element Attributes capture-config_attributes Statistics Data URI /axapi/v3/visibility/packet-capture/capture-config/{name}/stats Schema capture-config schemaOperations Allowed:
| Operation | Method | URI | Payload | |
|---|---|---|---|---|
Create Object | POST | /axapi/v3/visibility/packet-capture/capture-config | ||
Create List | POST | /axapi/v3/visibility/packet-capture/capture-config | ||
Get Object | GET | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Get List | GET | /axapi/v3/visibility/packet-capture/capture-config | ||
Modify Object | POST | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Replace Object | PUT | /axapi/v3/visibility/packet-capture/capture-config/{name} | ||
Replace List | PUT | /axapi/v3/visibility/packet-capture/capture-config | ||
Delete Object | DELETE | /axapi/v3/visibility/packet-capture/capture-config/{name} |
capture-config-list¶
capture-config-list is JSON List of capture-config attributes
capture-config-list : [
]
capture-config attributes¶
concurrent-captures
Description Enable and specify maximum concurrent 3 tuple filter based captures in seperate pcaps.
Type: number
Range: 1-5000
Mutual Exclusion: concurrent-captures and concurrent-conn-tag are mutually exclusive
concurrent-captures-age
Description Specify the time in minutes upto which a 3 tuple filter based capture will be kept active(default 1)
Type: number
Range: 1-10
Default: 1
concurrent-conn-per-capture
Description Specify maximum number of concurrent connnections(5 tuple matches) to be captured within in a 3 tuple based capture. (default 1
Type: number
Range: 1-1000
Default: 100
concurrent-conn-tag
Description Enable and specify maximum concurrent connnections(only 5 tuple based) to be captured in common pcaps.
Type: number
Range: 1-1000
Mutual Exclusion: concurrent-conn-tag and concurrent-captures are mutually exclusive
create-pcap-files-now
Description Operational command to force create temporary pcapng files before completion (for global/non 3 tuple based captures)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable
Description Disable packet capture (default enabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
disable-auto-merge
Description Disable auto merging per CPU pcapng files(default enabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
enable-continuous-global-capture
Description Enable continuous capture of packets for the global capture(non 3 tuple based capture) overriding size limits
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
file-count
Description Specify the number of continuous pcapng files that can be created for capturing packets (default 10)
Type: number
Range: 1-50
Default: 10
file-size
Description Specify pcapng filesize in MB, Will be distributed per CPU (default 1)
Type: number
Range: 1-300
Default: 1
keep-pcap-files-after-merge
Description Keep original per CPU pcapng files after auto merging pcapng files(default disabled)
Type: boolean
Supported Values: true, false, 1, 0
Default: 0
name
Description Specify the name of the capture-config
Type: string
Maximum Length: 63 characters
Maximum Length: 1 characters
number-of-packets-per-capture
Description Specify Maximum number of packets per global or dynamic capture (default 0 unlimited)
Type: number
Range: 0-1000
Default: 0
number-of-packets-per-conn
Description Specify maximum number of packets to be captured in a 5 tuple based connection (default 0 unlimited).
Type: number
Range: 0-1000
Default: 0
number-of-packets-total
Description Specify Maximum number of packets for all captures (default 0 unlimited)
Type: number
Range: 0-15000
Default: 0
packet-length
Description Packet length in Bytes to capture (Default 128)
Type: number
Range: 64-1518
Default: 128
user-tag
Description Customized tag
Type: string
Format: string-rlx
Maximum Length: 127 characters
Maximum Length: 1 characters
uuid
Description uuid of the object
Type: string
Maximum Length: 64 characters
Maximum Length: 1 characters
stats data¶
| Counter | Size | Description | |
|---|---|---|---|
| Concurrent-capture-by-ctr-anomaly-freed | 8 | Dynamic Capture(ctr anomaly based) freed | |
| pktcapture-triggered-by-other-feature | 8 | Capture triggered by Other feature | |
| num-conns-tagged-increment | 8 | Conn tag success (based on ctr increment, dynamic) | |
| Concurrent-capture-create-failed-by-other-feature | 8 | Error, Dynamic Capture(Other feature based) create failed | |
| pktcapture-with-no-conn-failure | 8 | Capture fail, Packets without conn | |
| num-conns-tagged-global-other-feature | 8 | Conn tag success (based on Other feature, Global) | |
| num-global-counters-deregistered | 8 | Number of global objects deregistered | |
| num-of-anomalies-cleared | 8 | Number of times ctr Anomaly cleared | |
| auto-pcap-file-merged | 8 | Auto pcapng files merged | |
| num-conns-tagged-global-increment | 8 | Conn tag success (based on ctr increment, Global) | |
| conn-ext-failed | 8 | Error, Conn extension creation fail | |
| num-tmp-pcaps-created | 8 | Number of temporary pcapng files created | |
| pktcapture-with-conn-success-global | 8 | Capture success, Packets with tagged conn (global capture) | |
| num-conns-tagged-increment-fail | 8 | Conn tag fail (based on ctr increment, dynamic) | |
| num-conns-tagged-global-increment-maxed | 8 | Conn tag fail, reached limit (based on ctr increment, Global) | |
| num-pcaps-created | 8 | Number of pcapng files created | |
| num-conns-untagged | 8 | Number of conns untagged (done with conn limit or capture) | |
| num-conns-tagged-global-anomaly-fail | 8 | Conn tag fail (based on ctr anomaly, Global) | |
| num-conns-tagged-increment-maxed | 8 | Conn tag fail, reached limit (based on ctr increment, dynamic) | |
| num-conns-tagged-global-anomaly | 8 | Conn tag success (based on ctr anomaly, Global) | |
| Concurrent-capture-create-failed-oom | 8 | Error, Dynamic Capture create failed, OOM | |
| num-global-counters-registered | 8 | Number of global objects registered | |
| failed-disk-full | 8 | Error, Capture fail, Disk limit reached | |
| num-of-anomalies-detected | 8 | Number of times ctr Anomaly detected | |
| Global-capture-finished | 8 | Number of times global capture finished capturing | |
| Concurrent-capture-by-ctr-other-feature-freed | 8 | Dynamic Capture(Other feature based) freed | |
| num-conns-tagged-other-feature-fail | 8 | Conn tag fail (based on Other feature, dynamic) | |
| num-per-object-counters-deregistered | 8 | Number of per instance objects deregistered | |
| Concurrent-capture-created-by-ctr-anomaly | 8 | Dynamic 3 tuple based capture created (ctr anomaly based) | |
| Concurrent-capture-by-ctr-increment-freed | 8 | Dynamic Capture(ctr increment based) freed | |
| num-per-object-counters-registered | 8 | Number of per instance objects registered | |
| pktcapture-failure-file-size-rchd | 8 | Capture fail, file size reached | |
| num-conns-tagged-other-feature-maxed | 8 | Conn tag fail, reached limit (based on Other feature, dynamic) | |
| non-pkt-path | 8 | Skip capturing, not packet processing path | |
| pktcapture-failure-wait-for-block | 8 | Capture fail, waiting to get free buffer | |
| failed-as-return-completed-set | 8 | Skip capturing, capture-config marked completed | |
| pktcapture-with-conn-failure-global | 8 | Capture fail, Packets with tagged conn (global capture) | |
| num-conns-tagged-global-anomaly-maxed | 8 | Conn tag fail, reached limit (based on ctr anomaly, Global) | |
| Concurrent-capture-create-failed-by-ctr-increment | 8 | Error, Dynamic Capture(ctr increment based) create failed | |
| pktcapture-with-conn-but-not-tagged-success | 8 | Capture success, Packets with untagged conn | |
| num-dynamic-capture-config-delete-q | 8 | num-dynamic-capture-config-delete-q | |
| num-conns-tagged-global-increment-fail | 8 | Conn tag fail (based on ctr increment, Global) | |
| auto-pcap-file-merged-failed | 8 | Auto pcapng files merged failed | |
| pktcapture-triggered-by-increment | 8 | Capture triggered by counter increment | |
| pktcapture-with-conn-success | 8 | Capture success, Packets with tagged conn (dynamic capture) | |
| Concurrent-capture-create-failed-by-ctr-anomaly | 8 | Error, Dynamic Capture(ctr anomaly based) create failed | |
| num-conns-tagged-other-feature | 8 | Conn tag success (based on Other feature, dynamic) | |
| Concurrent-capture-finished | 8 | Number of Dynamic captures(3 tuple based) finished capturing | |
| skip-as-conn-already-recapture | 8 | Skip creating capture, conn was already captured | |
| num-pcaps-create-failed | 8 | Error, Number of pcapng files creation failed | |
| pktcapture-with-no-conn-success | 8 | Capture success, Packets without conn | |
| pktcapture-with-conn-but-not-tagged-failure | 8 | Capture fail, Packets with untagged conn | |
| num-conns-tagged-anomaly | 8 | Conn tag success (based on ctr anomaly, dynamic) | |
| num-conns-tagged-global-other-feature-maxed | 8 | Conn tag fail, reached limit (based on Other feature, Global) | |
| num-conns-tagged-global-other-feature-fail | 8 | Conn tag fail (based on Other feature, Global) | |
| Concurrent-capture-limit-reached | 8 | Dynamic Capture configured concurrent limit reached | |
| wrong-ctr-incremented | 8 | Counter increment issue | |
| Concurrent-capture-created-by-ctr-increment | 8 | Dynamic 3 tuple based capture created (ctr increment based) | |
| num-conns-tagged-anomaly-fail | 8 | Conn tag fail (based on ctr anomaly, dynamic) | |
| pktcap-oom | 8 | Error, Automated Packet capture infra OOM | |
| num-dynamic-capture-config-created | 8 | Number of dynamic capture-config created | |
| num-dynamic-capture-config-deleted | 8 | Number of dynamic capture-config deleted | |
| pkt-already-captured | 8 | Skip capturing, packet already captured | |
| pktcapture-with-conn-failure | 8 | Capture fail, Packets with tagged conn (dynamic capture) | |
| num-conns-tagged-anomaly-maxed | 8 | Conn tag fail, reached limit (based on ctr anomaly, dynamic) | |
| skip-capture-as-conn-created-before-smp | 8 | Skip capturing, conn was created before the capture started | |
| pktcapture-triggered-by-anomaly | 8 | Capture triggered by counter anomaly |