Security/Monitoring Manage PCAP


Manage PCAP


Selecting Overview → Manage → Security/Monitoring → Manage PCAP displays the PCAP dashboard.


When dashboard initially loads you are presented with the following if no PCAP data exists:


Manage Security/Monitoring PCAP Manager Dashboard

Uploading PCAP Files


Clicking on Upload begins the file upload process and opens an Upload Packet Capture window.


Manage Security/Monitoring PCAP Manager Upload Packet Capture File


Select or drag and drop the desired PCAP file and select the PCAP Engine from the list.


Enter a description for the packet capture file and click Upload.


Manage Security/Monitoring PCAP Manager Example of Uploading PCAP File


After the file is uploaded a processing message appears followed by the PCAP file being listed in the Dashboard.


Manage Security/Monitoring PCAP Manager Processing Uploaded PCAP File


After the file is processed a completed message appears followed by the PCAP file being listed in the Dashboard along with data fields and packet counts.


You now analyze the data using UNUM, download the data for further analysis in a third-party tool or delete the PCAP data file.


Manage Security/Monitoring PCAP Manager Uploaded PCAP File Processing Complete


Downloading PCAP Files


Clicking on the Download  icon begins the file download process and a file Save / Open dialog begins on the host computer.


Manage Security/Monitoring PCAP Manager Downloading PCAP Files



The PCAP file is opened on the host computer using a PCAP viewing and editing software package.


Manage Security/Monitoring PCAP Manager Third Party PCAP Tool


Deleting PCAP Files


You delete PCAP files using the  icon on the dashboard. 

Manage Security/Monitoring PCAP Manager Dashboard Delete PCAP Files


You have the option to completely remove the PCAP file from the dashboard and the associated data from the Elasticsearch database or to retain the PCAP file but delete the data.


Clicking on Keep File will delete the PCAP agent data from the database.


Clicking on OK will remove both the data from the database and delete the file.


Manage Security/Monitoring PCAP Manager Packet Delete PCAP File

PCAP Search Function


You easily search and filter multiple PCAP Manager entries using the Filter By: feature in the dashboard.


Begin by typing search or filter criteria and the dashboard automatically updates as shown in the example below:


Manage Security/Monitoring PCAP Manager Search Function