Analyzing "POST" HTTP requests from ProxySG, with SSL Inspection involves.
Yes. It is possible to analyze the "POST" HTTP requests in a PCAP, if they were generated.
Irrespective of the chosen approach, to analyze "POST" HTTP requests, the filter, below, should be utilized, in Wireshark.
http.request.method == "POST"
For HTTP2, use http2.headers.method == "POST" in the Wireshark filter.
If, indeed, a POST request was generated, packets with the "POST" request will be seen in the capture.
For collecting the PCAP on the ProxySG appliance, utilize filters that reflect the source and destination of the traffic of interest. Remember to use the "ip host xx.xx.xx.xx", for the use of IP addresses, and "host example.com", for non-IP hosts. When more than one filters are used, separate them with the use of "or".
Now, with SSL, we recommend to use secure ICAP. For guidance, please refer to the tech. docs. with URLs below.