Cisco Embedded Packet Capture (EPC)

Hello Alexis

Well, using EPC is one way to do it. The other way is to use SPAN, RSPAN, or ERSPAN. For those features, you need to configure switches and routers, as well as provision for a dedicated packet capture PC running Wireshark or another capture program.

EPC is convenient because you don’t need elaborate configurations, and you can save your pcap files directly to the device. This is useful if you don’t have a laptop/PC on hand to capture immediately.

Once the pcap file is saved, you must view it using some packet capture analysis program such as Wireshark.

You can view some data on the CLI using the following command:

R2#show monitor capture buffer CAPTURE dump

where CAPTURE is the name of the buffer. But the result shown is in hex and is not useful to examine. Using Wireshark presents the data in a much more useful way. When exported, the buffer becomes a pcap file.

Cisco Nexus devices have a more comprehensive packet capture and analysis feature called Ethanalyzer with which you can view more useful packet capture info in the CLI. You can find out more about it here:

But as far as I know, similar functionality is not yet available on IOS devices.

I hope this has been helpful!

Laz
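
The hex shown by the dump command above can be rebuilt into a pcap file offline when only the CLI output was saved. The following Python code is an added example, not part of the original post and not Cisco tooling. It assumes the dump prints one header line per packet followed by rows of "ADDRESS: hex words  ASCII" and that frames start at the Ethernet header; the sample dump is constructed, not captured from a device.

```python
import re
import struct

# Constructed sample (one ICMP echo request), not output from a real device.
# Assumed layout: a header line per packet, then "ADDRESS: hex words  ASCII" rows.
SAMPLE_DUMP = """\
10:00:01.000 UTC Jan 1 2024 : IPv4 LES CEF    : Gi0/0 None

0F5B2A10: CA010B2C 0000CA02 0B2C0000 08004500  J..,..J..,....E.
0F5B2A20: 001C0001 0000FF01 228CC0A8 0C01C0A8  ........".@(..@(
0F5B2A30: 0C020800 F7FF0000 0000                ....w.....
"""

# A data row starts with a memory address of at least 6 hex digits and a colon;
# the packet header line starts with "HH:MM:SS" and therefore never matches.
ROW = re.compile(r"^[0-9A-Fa-f]{6,16}:\s+(.*)$")


def parse_dump(text):
    """Return a list of packets (bytes), one per header-delimited block."""
    packets, current = [], bytearray()
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            # The hex words end at the two-space gap before the ASCII column.
            hex_part = re.split(r"\s{2,}", m.group(1).strip(), maxsplit=1)[0]
            current += bytes.fromhex(hex_part.replace(" ", ""))
        elif line.strip() and current:
            # Any other non-blank line is the next packet's header: flush.
            packets.append(bytes(current))
            current = bytearray()
    if current:
        packets.append(bytes(current))
    return packets


def to_pcap(packets):
    """Serialise packets as a classic pcap file (link type 1 = Ethernet, assumed)."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for i, pkt in enumerate(packets):
        # Timestamps are synthetic (one second apart); the header time is not parsed.
        out += struct.pack("<IIII", i, 0, len(pkt), len(pkt)) + pkt
    return out


if __name__ == "__main__":
    with open("capture.pcap", "wb") as fh:
        fh.write(to_pcap(parse_dump(SAMPLE_DUMP)))
```

Running it writes capture.pcap, which opens in Wireshark like an exported buffer would.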