Packet Capture on Cisco IOS-XE

Posted on by

Quick configuration snippet for capturing packets on an IOS-XE based Device. You can find the full Cisco article on this link.

  1. Define the location where the capture will occur:monitor capture CAP interface GigabitEthernet0/0/1 both
  1. Associate a filter. The filter may be specified inline, or an ACL or class-map can be referenced:monitor capture CAP match ipv4 protocol tcp any any
  2. Start the capture:monitor capture CAP start
  3. The capture is now active. Allow it to collect the necessary data.
  4. Stop the capture:monitor capture CAP stop
  1. Examine the capture in a summary view:show monitor capture CAP buffer brief
  1. Examine the capture in a detailed view:show monitor capture CAP buffer detailed
  1. In addition, export the capture in PCAP format for further analysis:monitor capture CAP export ftp://192.168.0.1/CAP.pcap
  1. Once the necessary data has been collected, remove the capture:no monitor capture CAP

Leave a Reply

Your email address will not be published. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>