Zscaler Troubleshooting - Exporting Logs and Capturing Packets
When reporting an issue with Zscaler on your computer, you may need to provide application logs and live packet captures to figure out how the issue is affecting your computer. Follow the instructions below to gather this information effectively so that we can help you resolve the problem quickly:
Capturing Packets During the Issue
Zscaler Support may also require live packet captures during the issue to diagnose network-related problems. Packet captures help identify network traffic patterns and potential issues.
How to Start a Packet Capture:
-
Open the Zscaler app on your device.
-
Navigate to More -> expand Troubleshoot tab if not already expanded
-
First click on Clear Logs and wait for it to process
- Then in the same spot, click on start packet capture
- Then RIGHT AWAY start the app or service that you're having the issue with
- Replicate the issue you're having while the packet capture is running and let run for 2-5 mins then go back to Zscaler and stop packet capture.
- Lastly, hit Export Logs and save them to your desktop and send them to the technician
Example Use Case: If you're experiencing poor call quality in Microsoft Teams:
-
Start the packet capture while the issue is occurring.
-
Let the packet capture run for approximately 5 minutes.
-
Stop the capture and retrieve the files.
By providing both logs files, you’ll help Zscaler Support effectively troubleshoot and resolve the issue.
Notes for admins:
Packet Capture File Locations:
The packet capture files would look like this inside the log files.
CaptureAdapters_2020-07-28-17-13-49.822349.pcap
CaptureLWF_2020-07-28-17-13-49.822349.pcap