Fixed Filter Option
The fixed filter option uses a small set of parameters to query the PCAP data. For
example, the filter can specify the IP Source Address (ip_src_addr) and the
IP Destination Address (ip_dst_addr) in the query. The fixed filter option is
prescriptive and does not allow a lot of flexibility in the query.
You can use the fixed filter option to query for the following fields in the PCAP data:
ip_scr_addrip_dst_addrip_src_portip_dst_portprotocoltimestamp
You can use two methods to query the PCAP data using the fixed filter option:
- PCAP query user interface
- CLI