RSA Admin

How to generate a pcap file that contains all sessions that match a query using REST /sdk/query and /sdk/packets

Discussion created by RSA Admin Employee on Dec 6, 2012

Attached pdf provides a detailed example of how to generate a pcap file that contains all sessions that matching below query using REST /sdk/query and /sdk/packets:

 

Query: ip.src=10.194.238.251 and alias.host=time.vocalocity.com and time from 12/6/2012 8am to 12/6/2012 9am

Outcomes