Forum Discussion

2 Replies

  • Hi,

    You could do something like the following:

    curl -H"Content-Type:application/json" -kv -u admin https://localhost/mgmt/tm/util/tcpdump -X POST --data "{\"command\":\"run\",\"utilCmdArgs\":\"-i0.0 -C10 -s0 -w /var/tmp/test.pcap host 20.113.206.28\"}"
    

    A fairly large problem with this, however, is that the tcpdump process will just keep running. The REST call exits eventually with a timeout, because I expect that the system expects the command to start up, run for a few seconds at most, and quit. I ended up having to kill the tcpdump process as well as the parent process, icrd_child.

    I don't feel that running tcpdump directly via the API is supported or a great idea. Hopefully someone else has some thoughts on how to best achieve this remotely. Definitely test this thoroughly in your lab if you want to continue.

    Thanks, Josh