1-13
Cisco ASA Series CLI Configuration Guide
 
Chapter 1      Configuring NetFlow Secure Event Logging (NSEL)
  Feature History for NSEL
Table 1-2 Feature History for NSEL
Feature Name
Platform 
Releases Feature Information
NetFlow  8.1(1) The NetFlow feature enhances the ASA logging capabilities by logging flow-based events 
through the NetFlow protocol. NetFlow Version 9 services are used to export information 
about the progression of a flow from start to finish. The NetFlow implementation exports 
records that indicate significant events in the life of a flow. This implementation is 
different from traditional NetFlow, which exports data about flows at regular intervals. The 
NetFlow module also exports records about flows that are denied by access lists. You can 
configure an ASA 5580 to send the following events using NetFlow: flow create, flow 
teardown, and flow denied (only flows denied by ACLs are reported).
We introduced the following commands: clear flow-export counters, flow-export 
enable, flow-export destination, flow-export template timeout-rate, logging 
flow-export syslogs enable, logging flow-export syslogs disable, show flow-export 
counters, show logging flow-export-syslogs.
NetFlow 
Filtering
8.1(2) You can filter NetFlow events based on traffic and event type, then send records to different 
collectors. For example, you can log all flow-create events to one collector, and log 
flow-denied events to a different collector. 
We modified the following commands: class, class-map, flow-export event-type 
destination, match access-list, policy-map, service-policy.
For short-lived flows, NetFlow collectors benefit from processing a single event instead of 
two events: flow create and flow teardown. You can configure a delay before sending the 
flow-create event. If the flow is torn down before the timer expires, only the flow teardown 
event is sent. The teardown event includes all information regarding the flow; no loss of 
information occurs.
We introduced the following command: flow-export delay flow-create. 
NSEL 8.2(1) The NetFlow feature has been ported to all available models of ASAs.
Clustering 9.0(1) The NetFlow feature supports clustering.
NSEL A new NetFlow error counter, source port allocation failure, has been added.
We modified the following command: show flow-export counters.
Flow-update events have been introduced to provide periodic byte counters for flow traffic. 
You can change the time interval at which flow-update events are sent to the NetFlow 
collector. You can filter to which collectors flow-update records will be sent.
Note The flow-update event feature is available in Version 8.4(5) only; it is not available 
in Version 9.0(1) or later.