Documentation forNetFlow Traffic Analyzer
Analyzing network traffic and bandwidth is a key capability of SolarWinds Observability Self-Hosted (formerly Hybrid Cloud Observability) and is available in the Advanced edition. NetFlow Traffic Analyzer (NTA) is also available in a standalone module.

Cisco ASA 5500

Besides the usual target address for flow exports, devices in this series require a service policy that enables flow data to be exported.

The following example includes annotations that explain the requirements for successfully configuring NetFlow on this device.

ip flow-export destination inside 1.1.1.1 2055

This command sets the export target IP address and port and designates it as inside the network that includes the ASA device.

ip flow-export template timeout-rate 1

This command sets the timeout of the current v9 template (in this case: one minute) and results in resending the template with the flow data as soon as the timeout is reached.

ip flow-export delay flow-create 60

This command delays the creation of a NetFlow record and so delays exporting flow data until the number of seconds (60 in this case) are reached.

ip access-list netflow-export extended permit ip any any

This command creates an access-list called netflow-export that the device uses to export flow records from any IP address outside interface to any IP address (in this case, the result is that exports go to the NetFlow collector target as specified in the ip flow-export destination command).

class-map netflow-export-class
match access-list netflow-export
policy-map global_policy
class netflow-export-class
service-policy global_policy global
flow-export event-type all destination 1.1.1.1

If a global policy already exists, add the NetFlow policy map to it.

These commands create the Modular QoS traffic management setup to enable flow packet traffic to get out of the device's outside interfaces and make it to the targeted NetFlow collector:

  • Creates a traffic class (class-map) called netflow-export-class.
  • Specifies that the access list netflow-export should be applied (match) to this class.
  • Selects (policy-map) default traffic inspection rules (global_policy) for flow traffic.
  • Applies (service-policy) those rules to all interfaces (global) on the device through which flow packets is transferred.
  • Specifies that all events that trigger creation of flow records should be targeted at the NTA collector (1.1.1.1).

Full configuration

The overall configuration without annotations looks like this:

flow-export destination inside 1.1.1.1 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
access-list netflow-export extended permit ip any any
class-map netflow-export-class
match access-list netflow-export
policy-map global_policy
class netflow-export-class
flow-export event-type all destination 1.1.1.1
service-policy global_policy global