Packet capture uses `tcpdump <https://www.tcpdump.org/>`__ and runs in the background.
After a capture is performed you can either look into it using the **View capture** button in the jobs tab or download the pcap file(s) to inspect it in an external tool, such as `Wireshark <https://www.wireshark.org/>`__.
The jobs tab contains all running or executed captures, the following options are available per capture job:
..raw:: html
<ul>
<li> <i class="fa fa-fw fa-spinner fa-pulse"></i>Shows the capture is currently active </li>
<li> <i class="fa fa-fw fa-remove"></i> Remove capture (stops capture when currently active) </li>
<li> <i class="fa fa-fw fa-stop"></i> Stop the current capture </li>
<li> <i class="fa fa-fw fa-play"></i> (Re)starts the current capture, removes previous results when executed before </li>
<li> <i class="fa fa-fw fa-cloud-download"></i> Download a zip file containing all captured pcap files and a json file with selected options </li>
<li> <i class="fa fa-fw fa-file"></i> View capture in high detail</li>
<li> <i class="fa fa-fw fa-file-text"></i> View capture in medium detail</li>
<li> <i class="fa fa-fw fa-file-o"></i> View capture in standard detail</li>
</ul>
..Tip::
All view buttons can be used when the capture is still active, they will just show the details collected until now.
Packet capture uses `tcpdump <https://www.tcpdump.org/>`__ and runs in the background. After a capture is performed you can
either look into it using the **View capture** button or download the pcap file to inspect it in an external tool, such as `Wireshark <https://www.wireshark.org/>`__.