Blue Coat Packet Capture

The Blue Coat Proxy / Filter device transfers packets like any other network device. A simple troubleshooting technique is to see if the packets are flowing through the device as expected. Here are the commands to do a Blue Coat Packet Capture:

Blue Coat Packet Capture

pcap filter expr “host”
setup a filter to capture packets on
pcap start|stop
start or stop the packet capture
pcap info
show statistics and info about the packets captured to make sure you got what you were looking for
pcap transfer username password
send the files via ftp to a remote host so you can open in wireshark and analyze

Blue Coat Packet CaptureThis does a full packet capture, and the only real danger is possibly capturing too much in your network packet capture. There are options for packet size limited during capture, but I havent’ had to use them on Blue Coat yet!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.