Add Traffic Class to NetFlow

Procedure

Step 1

Choose Devices > Platform Settings and create or edit the threat defense policy.

Step 2

Select NetFlow.

Step 3

Enable the Enable Flow Export toggle to enable NetFlow data export.

Step 4

Click Add Traffic Class to configure the traffic class.

Step 5

In the Name field, enter the name of the traffic class that must match the NetFlow events.

Step 6

In the Type field, choose the traffic class to filter the type of traffic you want to capture:

  • Default—The traffic class that is matched if none of the traffic classes matches the traffic.

  • Access List—The specific traffic class that must match the traffic captured for the NetFlow events.

Step 7

If you chose Access List as the Type, then you must choose the access list object from the Access List Object dropdown list.

Note

You can also click the + icon to create a new extended access list object. See Configure Extended ACL Objects.

Step 8

In Event Types, check the checkboxes for the different NetFlow events that you want to capture and send to the collectors.

Step 9

Click OK.