4/21/2016

Cisco Nexus: EthAnalyzer

I've been fighting with EthAnalyzer, trying to get it to do something useful, but it only ever showed me traffic to or from the switch itself, not packets passing through it.
Today I found the following information and EUREKA!
ethanalyzer data plane traffic analysis



ACLs and Ethanalyzer for Data Plane Sampling:
The Ethanalyzer captures only traffic on the CPU, so it seems an unsuitable solution for data plane traffic analysis. However, this limitation can be avoided by using ACL logging to sample specific packets from the data plane.
              .   .   .
When we use ACLs with the “log” keyword, access control entries (ACEs) with the log keyword cause the system to punt a copy of matching packets to the supervisor CPU. The key point is that the original traffic is forwarded or dropped in hardware with no performance penalty. Note that punted copies are subject to a hardware rate limiter; the forwarding engine hardware enforces a rate to avoid saturating the inband interface/CPU.

So the following accomplishes what I have been trying to do for a long time:

ip access-list acl-cap
  10 permit ip 10.10.10.11/32 any log
  20 permit ip any any

interface Ethernet6/28
  ip port access-group acl-cap in

ethanalyzer local interface inband limit-captured-frames 0 autostop duration 60 write bootflash:test-2.pcap
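As an added example (not configuration from the original post), here is the same technique narrowed to a single TCP flow, together with the checks a practitioner would want around it: the ACL name, addresses, interface, port and the 100 pps limit are assumed values, and the rate-limiter command is the Nexus 7000 form, so verify it on your platform.

```cisco
! Added example, not the original post's configuration. Names, addresses,
! interface and the 100 pps value are assumptions.
! Only the ACE with "log" is copied to the supervisor; entry 20 keeps the
! implicit deny at the end of the ACL from dropping everything else.
ip access-list acl-cap-tcp
  statistics per-entry
  10 permit tcp 10.10.10.11/32 any eq 443 log
  20 permit ip any any

interface Ethernet6/28
  ip port access-group acl-cap-tcp in

! Punted copies are rate limited in hardware (Nexus 7000 syntax; check your
! platform). Know the limit before deciding how much of the flow you expect to see.
hardware rate-limiter access-list-log 100
show hardware rate-limiter

! Capture only the punted copies, not the switch's own control traffic,
! by filtering on the logged flow (Wireshark display-filter syntax).
ethanalyzer local interface inband display-filter "ip.src == 10.10.10.11 && tcp.port == 443" limit-captured-frames 0 autostop duration 60 write bootflash:acl-cap-tcp.pcap

! Confirm the ACE actually matched, then read the capture back on the box.
show ip access-lists acl-cap-tcp
ethanalyzer local read bootflash:acl-cap-tcp.pcap

! Remove the capture ACL when done so the log ACE stops punting copies.
interface Ethernet6/28
  no ip port access-group acl-cap-tcp in
```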
