EasyManuals Logo
Home>Cisco>Firewall>ASA 5540

Cisco ASA 5540 User Manual

Cisco ASA 5540
2164 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #1993 background imageLoading...
Page #1993 background image
1-5
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring NetFlow Secure Event Logging (NSEL)
Configuring NSEL
Configuring NSEL
This section describes how to configure NSEL and includes the following topics:
Configuring NSEL Collectors, page 1-5
Configuring Flow-Export Actions Through Modular Policy Framework, page 1-5
Configuring Template Timeout Intervals, page 1-7
Disabling and Reenabling NetFlow-related Syslog Messages, page 1-8
Clearing Runtime Counters, page 1-8
Configuring NSEL Collectors
To configure NSEL collectors, enter the following command:
What to Do Next
See the “Configuring Flow-Export Actions Through Modular Policy Framework” section on page 1-5.
Configuring Flow-Export Actions Through Modular Policy Framework
To export NSEL events by defining all classes with flow-export actions, perform the following steps:
Command Purpose
flow-export destination interface-name
ipv4-address|hostname udp-port
Example:
hostname (config)# flow-export destination inside
209.165.200.225 2002
Adds, edits, or deletes an NSEL collector to which NetFlow
packets are sent. The destination keyword indicates that a
NSEL collector is being configured. The interface-name
argument is the name of the ASA and ASA Services Module
interface through which the collector is reached. The
ipv4-address argument is the IP address of the machine
running the collector application. The hostname argument is
the destination IP address or name of the collector. The
udp-port argument is the UDP port number to which NetFlow
packets are sent. You can configure a maximum of five
collectors. After a collector is configured, template records
are automatically sent to all configured NSEL collectors.
Note Make sure that collector applications use the Event
Time field to correlate events.
Command Purpose
Step 1
class-map flow_export_class
Example:
hostname (config-pmap)# class-map flow_export_class
Defines the class map that identifies traffic for which
NSEL events need to be exported. The
flow_export_class argument is the name of the class
map.
Step 2
Choose one of the following options:

Table of Contents

Other manuals for Cisco ASA 5540

Preview: Configuration Guide
Configuration Guide1822 pages
Preview: Hardware Installation Guide
Hardware Installation Guide82 pages
Preview: Getting Started Guide
Getting Started Guide208 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco ASA 5540 and is the answer not in the manual?

Cisco ASA 5540 Specifications

General IconGeneral
BrandCisco
ModelASA 5540
CategoryFirewall
LanguageEnglish

Related product manuals