Greetings!
I just took a look at the section in question, and yep, we definitely need to put better examples in there — thanks for the heads-up!
Configuring port mirroring is actually fairly simple — with the correct syntax — and is deployed as you would expect.
First, create the local mirror session and assign it to a port (in this case, port 23):
switch(config)# mirror 1 port 23
Then, choose one or more interfaces to monitor, the direction of traffic to be monitored (inbound, outbound, or both), and the destination mirror session:
switch(config)# interface 1-4 monitor all out mirror 1
You can configure up to 4 local mirror sessions, with one mirror destination port and any number of source ports per session (with the obvious caveat that any monitored traffic in excess of available bandwidth on the destination port will be dropped).
As for remote mirroring: ArubaOS-Switch utilizes the HP Encapsulated Remote Mirroring (HP ERM) protocol, which is intended to send mirrored packets to another ArubaOS-Switch or ProVision OS device for decapsulation and forwarding to the capture station. However, Wireshark includes a plugin for decoding HP ERM protocol packets, so instead of setting the remote mirroring destination as another switch, you can set it to a system running Wireshark instead.
To configure a remote mirror session, you will need to specify the source IP address, UDP encapsulation port (used to receive and/or decapsulate mirrored traffic at the destination), and remote station IP address:
switch(config)# mirror 2 remote ip 10.100.0.254 9999 10.30.1.45
This sends mirrored traffic from the switch IP address 10.100.0.254 to the remote mirroring station at 10.30.1.45 using UDP port 9999.
If using Wireshark to capture the mirrored traffic, you will need to filter incoming traffic by the switch IP address (ip.src== 10.100.0.254) and then configure the decoder — from the Analyze menu, choose Decode As..., then click the + button in the bottom left. For the Field, choose UDP port and set the Value to 9999. Leave Type and Default alone, and under Current, choose HP_ERM. Click OK, and after Wireshark reprocesses any packets already captured, you should now see the properly decapsulated traffic.
If the HP_ERM protocol does not appear in the list as described above, you may need to manually enable it. Open Analyze -> Enabled Protocols..., and type HP_ERM into the search bar at the bottom. If the box is unchecked, check the box to enable the protocol and then click OK. (You may need to restart Wireshark for this change to take effect.)
Let us know if you run into any issues while configuring mirroring from these instructions.