Configure Netflow Exports (Strata Cloud Manager)

1. Create a NetFlow server profile.

   The profile defines which Netflow collectors will receive the exported records and specifies export parameters.

   1. Select ConfigurationNGFW and Prisma AccessObjectsLog ForwardingNetflow Server Profile and click Add Netflow Server Profile.
   2. In the General section, enter a Name to identify the profile.
   3. Specify the Active Timeout, which is the frequency in minutes at which the firewall exports records (default is 5).
   4. Select PAN-OS Field Types if you want the firewall to export App-ID and User-ID fields.
   5. In the Template Refresh Rate section, specify the rate at which the firewall refreshes NetFlow Templates in Minutes (default is 30) and Packets (exported records—default is 20), according to the requirements of your Netflow collector. The firewall refreshes the templates after either threshold is passed.
   6. Click Add Server.
   7. Add Netflow collectors (up to two per profile) that will receive records. For each collector, specify the following:

      • Name to identify the collector.
      • Host hostname or IP address.
      • Access Port (default 2055).
   8. Click Add to save the profile.
   9. To commit your changes, click Push ConfigPush.
2. Assign the Netflow server profile to the firewall interfaces where traffic you want to analyze is ingressing.

   In this example, you assign the profile to an existing Ethernet interface.

   1. Select Ethernet and click an interface name to edit it.

      You can export Netflow records for Layer 3, Layer 2, Tap, virtual wire, VLAN, tunnel, and Aggregate Ethernet. For aggregate Ethernet interfaces, you can export records for the individual sub-interfaces that data flows within the group.

      For more information about configuring interfaces see Configuring Interfaces.
   2. Select the Netflow server profile you configured.

      (Optional) To create a new Netflow profile click Create New.
3. Click Save.
4. Push Config to push your configuration changes.