Created on 11-30-2020 02:03 AM Edited on 01-31-2024 03:09 AM By Jean-Philippe_P
Description
This article describes how to troubleshoot Sflow and netflow issues.
Scope
FortiGate.
Solution
Viewing the Configuration:
diagnose test application sflowd 3
diagnose test application sflowd 4
Netflow does not have a separate daemon and is instead running under sflowd.
The Netflow configuration can be viewed by using test level 3 or 4.
For Netflow the standard value is UDP port 2055, but other values like 9555, 9025, or 9026 can also be used.
Session1.
diag sniffer packet any 'host x.x.x.x' 4
To stop the Sniffer, use CTRL + C.
Session2.
diag debug reset
diag debug enabl
diag debug flow filter addr x.x.x.x <----- Replace x.x.x.x with sflow server IP/ netflow server IP.
diag debug flow show console en
diag debug flow show function-name en
# diag debug flow trace start 1000
To stop the debug logs:
diag debug reset
diag debug disabl
Related srticles:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.