1.3.c [i] Using Wireshark trace analyzer
Beginning with Cisco IOS Release XE 3.3.0SG , the Catalyst 4500 series switch supports Wireshark, a packet analyzer program, also known as Ethereal, which supports multiple protocols and presents
information in a text-based user interface. The key concepts around IOS XE based wireshark are:
● Capture points (a capture point is the central policy definition of the Wireshark feature)
● Attachment points (it refers to Interfaces and traffic directions)
● Filters (filters are attributes of a capture point that identify and limit the subset of traffic traveling through the attachment point of a capture point, which is copied and passed to Wireshark)
● Storing captured packets to memory buffers
Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 1395-1407). . Kindle Edition.