This article applies to API Gateway Appliance running version 10.0 and higher.
Follow these steps to install the tcpdump application if it does not already exist on the appliance.
Once tcpdump is installed, the following command is used to run the tcpdump application: tcpdump -s 0 -i any -w /home/ssgconfig/<case#>.cap
If security policy requires it, uninstall the RPMs after the data has been captured and analyzed. Otherwise, leaving them installed can save a lot of time if network traffic needs to be captured again in the future.
The RPMs can be removed using the command: rpm -e <package-name>
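
The capture command above wrapped in a script, as an added example that is not part of the vendor's procedure: it validates the case number before it reaches the file path, bounds the capture time, creates the capture file readable by its owner only, and records a SHA-256 hash of the result. The function names, the CAPTURE_DIR variable and the 60-second default are assumptions.

```shell
#!/bin/bash
# Added example, not vendor code. Function names, CAPTURE_DIR and the
# 60-second default are assumptions; the tcpdump flags are the article's.
CAPTURE_DIR="${CAPTURE_DIR:-/home/ssgconfig}"   # directory from the article's command

# Print the capture file path for a case number. Only letters, digits,
# '-' and '_' are accepted, so the value cannot change the path or the command.
capture_path() {
    case "$1" in
        ''|*[!A-Za-z0-9_-]*) echo "invalid case number: $1" >&2; return 1 ;;
    esac
    printf '%s/%s.cap\n' "$CAPTURE_DIR" "$1"
}

# Run the article's capture command for a bounded time.
# $1 = case number, $2 = capture duration in seconds (default 60).
run_capture() {
    local out secs rc
    secs="${2:-60}"
    rc=0
    out="$(capture_path "$1")" || return 1
    if ! command -v tcpdump >/dev/null 2>&1; then
        echo "tcpdump is not installed" >&2
        return 2
    fi
    if [ -e "$out" ]; then
        echo "refusing to overwrite $out" >&2
        return 3
    fi
    # -s 0 keeps full packets, payloads included, so create the file with
    # owner-only permissions (umask 077 applies inside the subshell only).
    ( umask 077; timeout "$secs" tcpdump -s 0 -i any -w "$out" ) || rc=$?
    # timeout exits 124 when it stopped tcpdump at the limit: the expected end.
    if [ "$rc" -ne 0 ] && [ "$rc" -ne 124 ]; then
        return "$rc"
    fi
    # Record a hash so the file can be checked after it is handed over.
    sha256sum "$out"
}

# Usage (as root on the appliance): run_capture <case#> 120
```
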