<p class="shortdesc">本文介绍如何新增TCPDUMP抓包任务。</p> <section class="section prereq" id="TCPDUMP__prereq_gz1_f14_psb"><div class="tasklabel"><h2 class="doc-tairway">前提条件</h2></div> <p class="p">您已购买数据库审计实例。</p> </section> <section class="section context"><div class="tasklabel"><h2 class="doc-tairway">背景信息</h2></div> <p class="p">当需要数据库审计服务协同排查问题时，可在指定接口上进行抓包，并且抓包产生的文件可以下载到本地。</p> </section> <section><div class="tasklabel"><h2 class="doc-tairway">操作步骤</h2></div><ol class="ol steps"><li class="li step stepexpand"> <span class="ph cmd">登录<a class="xref" href="https://www.ocftcloud.com/console/db-audit" target="_blank" rel="external noopener">数据库审计控制台</a>，进入<span class="keyword wintitle">实例列表</span>页面。</span> </li><li class="li step stepexpand"> <span class="ph cmd">单击目标实例<span class="ph uicontrol">操作</span>列的<span class="ph uicontrol">管理</span>，进入数据库审计控制台。</span> <div class="itemgroup info"> <img class="image" id="TCPDUMP__d66e47" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222103110011-12277d5f94d4.png" width="700"> </div> </li><li class="li step stepexpand"> <span class="ph cmd">在菜单栏选择<strong class="ph b">系统管理</strong><strong class="ph b"> >系统维护</strong>，进入<strong class="ph b">系统维护</strong>页面。</span> </li><li class="li step stepexpand"> <span class="ph cmd">选择<strong class="ph b">调试工具</strong>页签，在<strong class="ph b">Tcpdump</strong><strong class="ph b">抓包管理</strong>区域单击<strong class="ph b">新增抓包任务</strong>，进入<strong class="ph b">新增</strong><strong class="ph b">TCPDUMP</strong><strong class="ph b">抓包</strong>页面，根据以下信息新增抓包任务。</span> <div class="itemgroup info"> <img class="image" id="TCPDUMP__image_u4x_gb5_psb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222103110011-1b9652ce9ad5.png" width="500"> <table class="table" id="TCPDUMP__table_r2j_wb5_psb"><caption></caption><colgroup><col style="width:35.714285714285715%"><col style="width:64.28571428571429%"></colgroup><thead class="thead"> <tr class="row"> <th class="entry" id="TCPDUMP__table_r2j_wb5_psb__entry__1"> <p class="p">配置项</p> </th> <th class="entry" id="TCPDUMP__table_r2j_wb5_psb__entry__2"> <p class="p">说明</p> </th> </tr> </thead><tbody class="tbody"> <tr class="row"> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__1 "> <p class="p">网口</p> </td> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__2 "> <p class="p">抓包的网口。</p> </td> </tr> <tr class="row"> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__1 "> <p class="p">过滤串</p> </td> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__2 "> <p class="p">包的过滤串，系统根据过滤串抓取相应报文，过滤串指IP和端口。</p> </td> </tr> <tr class="row"> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__1 "> <p class="p">最大抓包时长</p> </td> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__2 "> <p class="p">抓包的最大时长，超过最大抓包时长将会停止抓包。取值范围为1~86400，单位为秒。</p> </td> </tr> <tr class="row"> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__1 "> <p class="p">最大文件大小</p> </td> <td class="entry" headers="TCPDUMP__table_r2j_wb5_psb__entry__2 "> <p class="p">抓包文件的最大大小，超过此限制将会停止抓包。取值范围为1~10480，单位为MB。</p> </td> </tr> </tbody></table> </div> </li><li class="li step stepexpand"> <span class="ph cmd">单击<strong class="ph b">保存。</strong></span> </li><li class="li step stepexpand"> <span class="ph cmd">抓包完成后，单击<strong class="ph b">操作</strong>列<strong class="ph b">下载</strong>可将抓包文件下载至本地。</span> <div class="itemgroup info"> <img class="image" id="TCPDUMP__image_jmd_cc5_psb" src="https://obs-cn-shanghai.ocftcloud.com/pacloud/20222103110011-1860d6fd9622.png" width="700"> </div> </li></ol></section>