Technical Tip: How to configure sample-rate for NetFlow

Description

This article explains how to set up the sample rate for NetFlow.

Scope

FortiGate.

Solution

• NetFlow on FortiGate, exports all the information about sessions depending on netflow-sampler interface monitoring configuration.
• NetFlow on FortiGate does not support the sampling rate below v7.6.
• Sflow supports packet sampling at a configurable rate for all versions.

  From v7.6.x onward the following CLI options can be used to control the sample rate:

config system interface
    edit <interface name>
        set netflow-sampler {tx | rx | both}
        set netflow-sample-rate <integer>
        set netflow-sampler-id <integer>
    next
end

Note: Before enabling netflow-sample-rate, set netflow-sampler to tx, rx, or both.

          tx: Monitors outbound traffic on this interface.
          rx: Monitors inbound traffic on this interface.
          both: Monitors both inbound and outbound traffic on this interface.

Related document:

Netflow sampling 
Troubleshooting Tip: Sflow and netflow issues