PCAP Strategy
Created:2024-06-20 Last Modified:2024-09-23
This document was translated by ChatGPT
#1. PCAP Strategy
The PCAP strategy supports setting policies or rules for capturing network data packets. The strategy allows setting the network location for packet capture, the collector, filtering rules, payload truncation, etc., specifying which types of data packets should be captured and how to filter out unnecessary data packets.
#1.1 Overview
Overview
- ① New: Supports creating a new PCAP strategy. For details, please refer to the [New Strategy] section.
- ② Enable/Disable: Choose to enable or disable the current PCAP strategy. Once enabled, data filtering and capturing will commence.
- ③ View Collected Traffic: Click to jump to the PCAP download page to view the traffic data collected by this strategy. For details, please refer to the PCAP Download section.
- ④ Edit: Modify the selected strategy.
- ⑤ Delete: Delete the strategy.
#1.1.1 New Strategy
New Strategy
- Name: Required, the name of the PCAP strategy.
- Network Location: Required, select the network location where data will be captured.
- Collector: Choose the supported collector based on the selected network location.
- Collection Point Filter: Required, can be selected from computing resources, network resources, or container resources.
- Different categories of resources support further selection of specific resource information. For example, if an IP address under network resources is selected, the IP address to be filtered must be provided.
- VPC: Optional, filter based on requirements.
- Protocol: Optional, filter based on requirements.
- Port: Optional, filter based on requirements.
- Peer: Disabled by default, supports filtering peer data.
- Peer Filter: Required, please refer to
Collector Filter
for details. - Port: Optional, filter based on requirements.
- Peer Filter: Required, please refer to
- Payload Truncation: Enter the size of the traffic to be truncated, in bytes.
- The default is 0, meaning no truncation.