EasyManua.ls Logo

Cisco ASA 5540

Cisco ASA 5540
1822 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
72-4
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 72 Configuring NetFlow Secure Event Logging (NSEL)
Configuring NSEL
Additional Guidelines and Limitations
If you previously configured flow-export actions using the flow-export enable command, and you
upgrade to a later version, then your configuration will be automatically converted to the new
Modular Policy Framework flow-export event-type command, described under the policy-map
command. For more information, see the Release Notes for the Cisco ASA 5500 Series for Version
8.1(2).
Flow-export actions are not supported in interface-based policies. You can configure flow-export
actions in a class-map only with the match access-list, match any, or class-default commands. You
can only apply flow-export actions in a global service policy.
Configuring NSEL
This section describes how to configure NSEL, and includes the following topics:
Using NetFlow, page 72-4
Matching NetFlow Events to Configured Collectors, page 72-5
Using NetFlow
The NetFlow pane lets you enable the transmission of data about a flow of packets. To access this pane,
choose Configuration > Device Management > Logging > NetFlow.
Note IP address and hostname assignments should be unique throughout the NetFlow configuration.
To use NetFlow, perform the following steps:
Step 1 Enter the template timeout rate, which is the interval (in minutes) at which template records are sent to
all configured collectors. The default value is 30 minutes.
Step 2 To delay the export of flow-creation events and process a single flow-teardown event instead of a
flow-creation event and a flow-teardown event, check the Delay export of flow creation events for
short-lived flows check box, and then enter the number of seconds for the delay in the Delay By field.
Step 3 Specify the collector(s) to which NetFlow packets will be sent. You can configure a maximum of five
collectors. To configure a collector, click Add to display the Add NetFlow Collector dialog box, and
perform the following steps:
a. Choose the interface to which NetFlow packets will be sent from the drop-down list.
b. Enter the IP address or hostname and the UDP port number in the associated fields.
c. Click OK.
Step 4 To configure more collectors, repeat Step 2 for each additional collector.
Step 5 To change collector configuration details, select a collector and click Edit. To remove a configured
collector, select it and click Delete.

Table of Contents

Other manuals for Cisco ASA 5540

Preview: Cli Configuration Guide
Cli Configuration Guide2164 pages
Preview: Getting Started Guide
Getting Started Guide208 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages

Related product manuals