NetFlow templates
Netflow uses templates to capture and categorize the data that it collects. FortiOS supports the following Netflow templates:
|
Name |
Template ID |
Description |
|---|---|---|
|
STAT_OPTIONS |
Statistics information about exporter |
|
|
APP_ID_OPTIONS |
Application information |
|
|
IPV4 |
No NAT IPv4 traffic |
|
|
IPV6 |
No NAT IPv6 traffic |
|
|
ICMP4 |
No NAT ICMPv4 traffic |
|
|
ICMP6 |
No NAT ICMPv6 traffic |
|
|
IPV4_NAT |
Source/Destination NAT IPv4 traffic |
|
|
IPV4_AF_NAT |
AF NAT IPv4 traffic (4->6) |
|
|
IPV6_NAT |
Source/Destination NAT IPv6 traffic |
|
|
IPV6_AF_NAT |
AF NAT IPv6 traffic (6->4) |
|
|
ICMP4_NAT |
Source/Destination NAT ICMPv4 traffic |
|
|
ICMP4_AF_NAT |
AF NAT ICMPv4 traffic (4->6) |
|
|
ICMP6_NAT |
Source/Destination NAT ICMPv6 traffic |
|
|
ICMPv6_AF_NAT |
AF NAT ICMPv6 traffic (6->4) |
256 - STAT_OPTIONS
|
Description |
Statistics information about exporter |
|
Scope Field Count |
1 |
|
Data Field Count |
7 |
|
Option Scope Length |
4 |
|
Option Length |
28 |
|
Padding |
0000 |
Scope fields
|
Field # |
Field |
Type |
Length |
|---|---|---|---|
|
1 |
System |
System (1) |
2 |
Data fields
|
Field # |
Field |
Type |
Length |
|---|---|---|---|
|
1 |
TOTAL_BYTES_EXP |
TOTAL_BYTES_EXP (40) |
8 |
|
2 |
TOTAL_PKTS_EXP |
TOTAL_PKTS_EXP (41) |
8 |
|
3 |
TOTAL_FLOWS_EXP |
TOTAL_FLOWS_EXP (42) |
8 |
|
4 |
FLOW_ACTIVE_TIMEOUT |
FLOW_ACTIVE_TIMEOUT (36) |
2 |
|
5 |
FLOW_INACTIVE_TIMEOUT |
FLOW_INACTIVE_TIMEOUT (37) |
2 |
|
6 |
SAMPLING_INTERVAL |
SAMPLING_INTERVAL (34) |
4 |
|
7 |
SAMPLING_ALGORITHM |
SAMPLING_ALGORITHM (35) |
1 |
257 - APP_ID_OPTIONS
|
Description |
Application information |
|
Scope Field Count |
1 |
|
Data Field Count |
4 |
|
Option Scope Length |
4 |
|
Option Length |
16 |
|
Padding |
0000 |
Scope fields
|
Field # |
Field |
Type |
Length |
|---|---|---|---|
|
1 |
System |
System (1) |
2 |
Data fields
|
Field # |
Field |
Type |
Length |
|---|---|---|---|
|
1 |
APPLICATION_ID |
APPLICATION_ID (95) |
9 |
|
2 |
APPLICATION_NAME |
APPLICATION_NAME (96) |
64 |
|
3 |
APPLICATION_DESC |
APPLICATION_DESC (94) |
64 |
|
4 |
applicationCategoryName |
applicationCategoryName (372) |
32 |
258 - IPV4
|
Description |
No NAT IPv4 traffic |
|
Data Field Count |
17 |
Data fields
|
Field # |
Field |
Type |
Length |
|---|---|---|---|
|
1 |
BYTES |
BYTES (1) |
8 |
|
2 |
OUT_BYTES |
OUT_BYTES (23) |
8 |
|
3 |
PKTS |
PKTS (2) |
4 |
|
4 |
OUT_PKTS |
OUT_PKTS (24) |
4 |
|
5 |
FIRST_SWITCHED |
FIRST_SWITCHED (22) |
4 |
|
6 |
LAST_SWITCHED |
LAST_SWITCHED (21) |
4 |
|
7 |
L4_SRC_PORT |
L4_SRC_PORT (7) |
2 |
|
8 |
L4_DST_PORT |
L4_DST_PORT (11) |
2 |
|
9 |
INPUT_SNMP |
INPUT_SNMP (10) |
2 |
|
10 |
OUTPUT_SNMP |
OUTPUT_SNMP (14) |
2 |
|
11 |
PROTOCOL |
PROTOCOL (4) |
1 |
|
12 |
APPLICATION_ID |
APPLICATION_ID (95) |
9 |
|
13 |
FLOW_FLAGS |
FLOW_FLAGS (65) |
2 |
|
14 |
FORWARDING_STATUS |
FORWARDING_STATUS (89) |
1 |
|
15 |
flowEndReason |
flowEndReason (136) |
1 |
|
16 |
IP_SRC_ADDR |
IP_SRC_ADDR (8) |
4 |
|
17 |
IP_DST_ADDR |
IP_DST_ADDR (12) |
4 |
259 - IPV6
|
Description |
No NAT IPv6 traffic |
|
Data Field Count |
17 |