tcpdump stop-trigger regex

Configuration Mode Commands : SteelHead configuration commands : tcpdump stop-trigger regex

Sets the regular expression that triggers the stopping of TCP dumps.

Syntax

tcpdump stop-trigger regex <regex>

Parameters

<regex>

PERL regular expression to match. RiOS compares the PERL regular expression against each entry made to the system logs. The system matches on a per-line basis.

Usage

Use this command to configure a regular expression that represents a condition that, when matched, stops all running TCP dumps. After this match is found, all TCP dump sessions are stopped after the delay configured by the tcpdump stop-trigger delay command.

Example

In the following example, RiOS searches for the pattern ntp in the system logs. The system waits 20 seconds after there is a match and then stops all TCP dumps that are still running.

amnesiac (config) # tcpdump stop-trigger regex ntp

amnesiac (config) # tcpdump stop-trigger delay 20

amnesiac (config) # tcpdump stop-trigger enable

Product

Client Accelerator, Interceptor, SCC, SteelHead CX, SteelHead-v, SteelHead-c

Related Commands

“tcpdump stop-trigger delay,” “tcpdump stop-trigger enable,” “tcpdump stop-trigger restart,” show tcpdump stop-trigger