Downloading Packets Captured
You can download attack packets captured by SRX Series devices and analyze these packets externally using tools such as Wireshark, tcpdump, tshark, and so on.
To download the attack packets:
- Select Monitor > Events & Logs.
- Click the Detail View tab.
- Select an IPS category event row and right-click a cell,
or select Download PCAP from the More list.
Note The Download PCAP menu is enabled only if the Event Category is IPS.
Note PCAPs can be suppressed by the log suppression mechanism, which is enabled by default. To disable log suppression, see suppression. To configure SRX IDP packet capture, see Configuring Security Packet Capture.