Do not miss the long awaited addition to the Fortigate 4 MR2 – sFlow data export
Great news – now Fortigate supports exporting data flows statistics to an external server using sFlow protocol (twin of Netflow from the Cisco world). I configured it in about a minute and it just works. To collect the sFlow data I use nfdump/Nfsen , that I found to be the most stable and versatile, not to mention being the rare one supporting both Netflow and sFlow. You first set external server IP and destination port , here it is 10.99.99.158 and UDP 7774, and then enable flow export per interface. Example follows, here I did it on Fortigate 100.
show system sflow
config system sflow
set collector-ip 10.99.99.158
set collector-port 7774
end
show system interface dmz1
config system interface
edit "dmz1"
set vdom "root"
set ip 10.99.99.254 255.255.255.0
set allowaccess ping https ssh snmp
set type physical
set wccp enable
set sflow-sampler enable
next
end
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.