FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
js2
Staff
Staff
Description
This article describes how to troubleshoot Sflow and netflow issues.

Solution
Viewing the Configuration:
# diagnose test application sflowd 3
# diagnose test application sflowd 4
Netflow does not have a separate daemon and is instead running under sflowd.
The Netflow configuration can be viewed by using test level 3 or 4.


For netflow the standard value is UDP port 2055, but other values like 9555, 9025, or 9026 can also be used.

Session1.
# diag sniffer packet any 'host x.x.x.x' 4
To stop the Sniffer, use CTRL + C.

Session2.
# diag debug reset
# diag debug enable
# diag debug flow filter addr x.x.x.x    <----- Replace x.x.x.x with sflow server IP/ netflow server IP.

# diag debug flow show console en
# diag debug flow show function-name en
# diag debug flow trace start 1000
To stop the debug logs:
# diag debug reset
# diag debug disable

Related Articles

Technical Tip: How to Configure Netflow

Contributors