Below is an example of how to modify the configuration to enable NetFlow switching. It also shows how to export the flow statistics for further processing to UDP port9995 on a workstation with the IP address of40.0.0.2.
In our example, we are considering "40.0.0.2" is the CCE IP. Users need to change it during implementation. |
Step 1: Open cli and enter the following command:
Switch# config t
Step 2: Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)# ip route-cache flow
Switch(config)# ip flow-export destination 40.0.0.2 9995
Switch(config)# ip flow-export version 5
Switch(config)# end
Switch# show ip flow export
One can also refer to :https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/nfswitch.html
Verification can be done either from CCE Server or from UI
Run the command : sudo tcpdump -i any port 9995 and host <IP address> to check if flows are coming on CCE server
Go on UI >> Systems
Go to Logs and Flows collection Status