config switch-controller flow-tracking
Configure FortiSwitch flow tracking and export via ipfix/netflow.
config switch-controller flow-tracking
Description: Configure FortiSwitch flow tracking and export via ipfix/netflow.
config aggregates
Description: Configure aggregates in which all traffic sessions matching the IP Address will be grouped into the same flow.
edit <id>
set ip {ipv4-classnet}
next
end
config collectors
Description: Configure collectors for the flow.
edit <name>
set ip {ipv4-address-any}
set port {integer}
set transport [udp|tcp|...]
next
end
set format [netflow1|netflow5|...]
set level [vlan|ip|...]
set max-export-pkt-size {integer}
set sample-mode [local|perimeter|...]
set sample-rate {integer}
set template-export-period {integer}
set timeout-general {integer}
set timeout-icmp {integer}
set timeout-max {integer}
set timeout-tcp {integer}
set timeout-tcp-fin {integer}
set timeout-tcp-rst {integer}
set timeout-udp {integer}
end
config switch-controller flow-tracking
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
format |
Configure flow tracking protocol. |
option |
- |
netflow9 |
||||||||||||
|
|
|
|||||||||||||||
|
level |
Configure flow tracking level. |
option |
- |
ip |
||||||||||||
|
|
|
|||||||||||||||
|
max-export-pkt-size |
Configure flow max export packet size (512-9216, default=512 bytes). |
integer |
Minimum value: 512 Maximum value: 9216 |
512 |
||||||||||||
|
sample-mode |
Configure sample mode for the flow tracking. |
option |
- |
perimeter |
||||||||||||
|
|
|
|||||||||||||||
|
sample-rate |
Configure sample rate for the perimeter and device-ingress sampling(0 - 99999). |
integer |
Minimum value: 0 Maximum value: 99999 |
512 |
||||||||||||
|
template-export-period |
Configure template export period (1-60, default=5 minutes). |
integer |
Minimum value: 1 Maximum value: 60 |
5 |
||||||||||||
|
timeout-general |
Configure flow session general timeout (60-604800, default=3600 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
3600 |
||||||||||||
|
timeout-icmp |
Configure flow session ICMP timeout (60-604800, default=300 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
300 |
||||||||||||
|
timeout-max |
Configure flow session max timeout (60-604800, default=604800 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
604800 |
||||||||||||
|
timeout-tcp |
Configure flow session TCP timeout (60-604800, default=3600 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
3600 |
||||||||||||
|
timeout-tcp-fin |
Configure flow session TCP FIN timeout (60-604800, default=300 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
300 |
||||||||||||
|
timeout-tcp-rst |
Configure flow session TCP RST timeout (60-604800, default=120 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
120 |
||||||||||||
|
timeout-udp |
Configure flow session UDP timeout (60-604800, default=300 seconds). |
integer |
Minimum value: 60 Maximum value: 604800 |
300 |
||||||||||||
config aggregates
|
Parameter |
Description |
Type |
Size |
Default |
|---|---|---|---|---|
|
id |
Aggregate id. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
0 |
|
ip |
IP address to group all matching traffic sessions to a flow. |
ipv4-classnet |
Not Specified |
0.0.0.0 0.0.0.0 |
config collectors
|
Parameter |
Description |
Type |
Size |
Default |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
ip |
Collector IP address. |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||
|
name |
Collector name. |
string |
Maximum length: 63 |
|
||||||||
|
port |
Collector port number(0-65535, default:0, netflow:2055, ipfix:4739). |
integer |
Minimum value: 0 Maximum value: 65535 |
0 |
||||||||
|
transport |
Collector L4 transport protocol for exporting packets. |
option |
- |
udp |
||||||||
|
|
|
|||||||||||