Configure multiple flow-export collectors

You can now configure multiple flow-export collectors using the config collectors command. For each collector, you can specify the collector IP address, the collector port number, and the collector layer-4 transport protocol for exporting packets.

Using multiple flow-export collectors requires FortiSwitchOS 7.0.0 or later. If you are using an earlier version of FortiSwitchOS, only the first flow-export collector is supported.

You can also specify how often a template packet is sent using the new set template-export-period command. By default, a template packet is sent every 5 minutes. The range of values is 1-60 minutes.

To configure multiple flow-export collectors on managed FortiSwitch units:

config switch-controller flow-tracking

set sample-mode {local | perimeter | device-ingress}

set sample-rate <0-99999>

set format {netflow1 | netflow5 | netflow9 | ipfix}

set level {vlan | ip | port | proto}

set max-export-pkt-size <512-9216 bytes; default is 512>

set template-export-period <1-60 minutes, default is 5>

set timeout-general <60-604800 seconds; default is 3600>

set timeout-icmp <60-604800 seconds; default is 300>

set timeout-max <60-604800 seconds; default is 604800>

set timeout-tcp <60-604800 seconds; default is 3600>

set timeout-tcp-fin <60-604800 seconds; default is 300>

set timeout-tcp-rst <60-604800 seconds; default is 120>

set timeout-udp <60-604800 seconds; default is 300>

config collectors

edit <collector_name>

set ip <IPv4_address>

set port <0-65535>

set transport {udp | tcp | sctp}

end

config aggregates

edit <aggregate_ID>

set <IPv4_address>

end

end

For example:

config switch-controller flow-tracking

config collectors

edit "Analyzer_1"

set ip 172.16.201.55

set port 4739

set transport sctp

next

edit "Collector_HQ"

set ip 172.16.116.82

set port 2055

next

end

set template-export-period 10

end