Great news – now Fortigate supports exporting data flows statistics to an external server using sFlow protocol (twin of Netflow from the Cisco world). I configured it in about a minute and it just works. To collect the sFlow data I use nfdump/Nfsen , that I found to be the most stable and versatile, not to mention being the rare one supporting both Netflow and sFlow. You first set external server IP and destination port , here it is 10.99.99.158 and UDP 7774, and then enable flow export per interface. Example follows, here I did it on Fortigate 100.
show system sflow
config system sflow set collector-ip 10.99.99.158 set collector-port 7774 end
show system interface dmz1
config system interface edit "dmz1" set vdom "root" set ip 10.99.99.254 255.255.255.0 set allowaccess ping https ssh snmp set type physical set wccp enable set sflow-sampler enable next end
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.