Reset Search



KB45011 - How to collect a tcpdump on vTM.

« Go Back


Last Modified Date2/10/2022 9:59 AM
At times, for troubleshooting purposes we may need to collect a tcpdump to look into the communication between the nodes. This is helpful in scenarios where User is facing latency or HA Communication is fluctuating or Health Monitors are failing etc.
This KB provides the steps for collecting the tcpdump and copying the file out of the vTM.
Problem or Goal
1. Log into the vTM CLI
2. Navigate to /logs location
3. Run the following command (For extremely busy environments you may want to tweak the command using examples below to collect limited info)

#Collects unfiltered captures. Try to keep the capture time to ~ 1 min.
tcpdump -i any -w Test.pcap
tcpdump -i any \(host and host\) and tcp port 443 -w Test.pcap

4. Ctrl+C to stop the captures.
5. This capture will be saved in the /logs location (or the location where the command was executed. In this example its "/logs" )
6. If you want to take a quick look into the Output but do not want to save the file.

tcpdump -ni any \(host and host\) and tcp port 443
Copying this file to Windows:
1. From Windows machine : You can use tools like Winscp or Filezilla and connect to the vTM and copy the file.
2. Fom Window CLI using below commands:

c:\> pscp.exe [email protected]_ipaddress:/logs/Test.pcap C:\WindowsLocation\
(You'll be prompted for the vTM Password)


c:\> scp [email protected]:/logs/errors \WindowsDirectory\

Copying this file from vTM to Linux:
scp /logs/Test.pcap [email protected]/remotelocation
(You'll be prompted for the remote location 'adminuser' password)

Related Links
Attachment 1 
Created ByCarlos Juan



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255