Add Traffic Class to NetFlow

Procedure

Step 1

Choose Devices > Platform Settings and create or edit the Firewall Threat Defense policy.

Step 2

Select NetFlow.

Step 3

Enable the Enable Flow Export toggle to enable NetFlow data export.

Step 4

Click Add Traffic Class to configure the traffic class.

Step 5

In the Name field, enter the name of the traffic class that must match the NetFlow events.

Step 6

In the Type field, choose the traffic class to filter the type of traffic you want to capture:

  • Default—The traffic class that is matched if none of the traffic classes matches the traffic.

  • Access List—The specific traffic class that must match the traffic captured for the NetFlow events.

Step 7

If you chose Access List as the Type, then you must choose the access list object from the Access List Object dropdown list.

Note

You can also click the (add icon) icon to create a new extended access list object. See Configure Extended ACL Objects.

Step 8

In Event Types, check the checkboxes for the different NetFlow events that you want to capture and send to the collectors.

Step 9

Click OK.