diagnose tcpdump start|stop
Allows you to use tcpdump to log packet traffic information for a target database and save it to the local disk.
Like the TCP/IP sniffer, tcpdump requires a connection to a mirror port on the switch that handles TCP/IP traffic for the target database. For more information, see Network requirements for monitoring using the TCP/IP sniffer.
You can export the tcpdump log files to an FTP server and remove them from the local disk. For more information, see execute backup fd-tcpdump and execute backup-remove fd-tcpdump.
Syntax
diagnose tcpdump start|stop <port> <client IP> <server IP> [minutes]
where:
Variables | Description |
---|---|
start\|stop | Specifies whether to start a new tcpdump log file or stop a current monitoring session. |
<port> | The FortiDB Ethernet port on which tcpdump intercepts and logs packet traffic. This port is connected to the mirror port on the switch that handles TCP/IP traffic for the database. |
<client IP> | The IP address of the database client. Enter |
<server IP> | The IP address where the target database is located. Enter |
[minutes] | Specifies the length of time tcpdump monitors packet traffic between the specified database and client, in minutes. Maximum value is 720. If you do not specify a duration, tcpdump monitors the specified packet traffic for 60 minutes or until you enter a corresponding |
Example
To monitor database traffic seen on port2 for 10 minutes:
diagnose tcpdump start port2 <your_client_IPaddress> <your_database_server_IPaddress> 10