| CPC H04L 43/12 (2013.01) [H04L 43/028 (2013.01); H04L 43/20 (2022.05)] | 14 Claims |
|
1. A method of capturing packets from one or more applications hosted on one or more containers connected to one or more network interfaces in a section of an industrial network, by a packet capture service wherein the packet capture service is connected to a packet capture client for transmitting the captured packets to the packet capture client, the method comprising:
receiving a capture request for capturing packets associated with a connection of a second container from the one or more containers, wherein the connection is between the second container and a network destination for transmitting one or more packets;
determining a network path associated with the connection of the second container, wherein the network path is indicative of the one or more network interfaces used by the packets of the connection from the second container to the network destination;
determining a presence of the one or more network interfaces in one of a first capture session and the connection between the packet capture service and the packet capture client, wherein the first capture session is for capturing packets associated with a first container, wherein at least one network interface from the one or more network interfaces is present in one of a network path of the first capture session and the connection between the packet capture service and the packet capture client;
generating a filter related to the capture request for capturing packets associated with the connection of the second container, wherein the filter comprises one or more filter expressions for filtering one or more of packets associated with the first capture session and packets originating from or transmitted to the packet capture service; and
approving the capture request for creating a second capture session for capturing packets associated with the connection of the second container.
|