Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.

collector sniffing the packet signature not received. How to prove it is or not received not due to configuration

Created: 19 Feb 2013

Hi

device A send both header & data to syslog server then SSIM. Using wireshark, i can still sniff the data contains source ip.

Can collector sniff the data packet signature under syslog director>director setting>its ip address?

I did a TCPdump -i interface ip host, i can't grab the source IP, i believe due to FW, its header has change. Is there other way to verify that this packet has been received by SSIM. I can't prove SSIM received the packet, since collector not able to grab any data concerning this ip.