The Blue Coat Proxy / Filter device transfers packets like any other network device. A simple troubleshooting technique is to see if the packets are flowing through the device as expected. Here are the commands to do a Blue Coat Packet Capture:
Blue Coat Packet Capture
- pcap filter expr “host 10.1.1.2”
- setup a filter to capture packets on 10.1.1.2
- pcap start|stop
- start or stop the packet capture
- pcap info
- show statistics and info about the packets captured to make sure you got what you were looking for
- pcap transfer ftp://ftp.example.com username password
- send the files via ftp to a remote host so you can open in wireshark and analyze
This does a full packet capture, and the only real danger is possibly capturing too much in your network packet capture. There are options for packet size limited during capture, but I havent’ had to use them on Blue Coat yet!