apps netflow

The following table describes the arguments for the apps netflow command:

Argument

Description

exporter

Configures the NetFlow Exporter.

monitor

Configures the NetFlow Monitor.

record

Configures the NetFlow Record.

The following table describes the syntax details of the command:

Command

Argument

Description

apps netflow

 

Configures the NetFlow Generation parameters.

 

exporter

Configures the NetFlow Generation Exporter.

 

monitor

Configures the NetFlow Generation Monitor.

 

record

Configures the NetFlow Generation Record.

apps netflow exporter

 

Specifies the NetFlow Generation Exporter.

 

alias

Configures an alias for the NetFlow Generation Exporter.

apps netflow exporter alias

 

Specifies a NetFlow Exporter alias.

 

<alias>

Specifies the name for the NetFlow Generation Exporter.

apps netflow exporter alias <alias>

 

Specifies the NetFlow Generation Exporter alias parameters.

 

<cr>

Enters the NetFlow Generation Exporter Mode to configure a NetFlow Generation Exporter.

 

description

Specifies a description for the NetFlow Generation Exporter (optional).

 

destination ipv4

Specifies a destination IPv4 address.

 

destination ipv6

 

Specifies a destination IPv6 address.

In an exporter, you can either configure IPv4 or IPv6 address.

 

dscp

Configures DSCP parameters for datagrams sent by the NetFlow Generation Exporter (optional).

 

filter

Specifies NetFlow Exporter filters.

 

format

Configures NetFlow Generation Exporter formats.

 

snmp enable

Enables SNMP for a specified NetFlow exporter. When enabled, SNMP requests that are sent by the external exporter will be replied so that external NetFlow collectors can integrate with GigaSMART NetFlow Generation.

The default port is the SNMP UDP port. The default port number is 161.

 

template-refresh-interval

Specifies the NetFlow Generation template and option template refresh interval.

 

transport

Specifies the NetFlow Generation Transport Protocol.

 

ttl

Configures the NetFlow Generation Time-To-Live (TTL) in seconds (optional).

apps netflow exporter alias <alias> description

 

Specifies a description for the NetFlow Generation Exporter.

 

<string>

Specifies the description of the NetFlow Generation Exporter.

apps netflow exporter alias <alias> destination

 

Specifies an alias destination for the NetFlow Generation Exporter.

 

ip4addr

Configures the IPv4 address of the NetFlow Generation Collector.

apps netflow exporter alias <alias> destination ip4addr

 

Specifies the NetFlow Generation Exporter destination IP address for the NetFlow Generation Collector.

 

<IPv4 address>

Specifies the NetFlow Generation IPv4 address.

apps netflow exporter alias <alias> dscp

 

Specifies the NetFlow Generation DSCP parameters.

 

<0-63>

Specifies NetFlow Generation DSCP parameters. The default is 0.

apps netflow exporter alias <alias> filter

 

Specifies NetFlow exporter filtering rules.

 

add pass

Adds a new exporter pass filter.

 

delete

Deletes an existing exporter filter.

apps netflow exporter alias <alias> filter add pass input interface range

apps netflow exporter alias <alias> filter add pass input interface value

<bid/sid/pid_x..pid_y>

<bid/sid/pid>

Adds a new exporter pass filter rule for an input interface as follows:

range—Configures input interface port range as <bid/sid/pid_x..pid_y>.
value—Configures input interface port value as <bid/sid/pid>.

apps netflow exporter alias <alias> filter add pass ipv4 dcsp

any value <af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | ef> | pos <1-3>

Adds a new exporter pass filter rule for IPv4 DiffServ Code Point (DSCP) bits as follows:

any value—Configures IPv4 DSCP bits value for Assured Forwarding Class 1 to Class 4 with Low, Med, or High Drop, or for Expedited Forwarding.
pos—Configures IPv4 DSCP bits position.

apps netflow exporter alias <alias> filter add pass ipv4 dst

any [range <ipv4_address..ipv4_address>] | value <IP address>] | pos <1-3>

Adds a new exporter pass filter rule for IPv4 destination address as follows:

any range—Configures IPv4 destination address range as <ipv4_address..ipv4_address>.
any value—Configures IPv4 destination address value as <IP address>.
pos—Configures IPv4 destination address position.

apps netflow exporter alias <alias> filter add pass ipv4 protocol

any [range <1-byte-hex..1-byte-hex> | value [icmp-ipv4 | igmp | ipv4ov4 | tcp | udp | ipv6 | rsvp | gre | <1-byte-hex>] | pos <1-3>

Adds a new exporter pass filter rule for IPv4 protocol as follows:

any range—Configures IPv4 protocol range as <1-byte-hex..1-byte-hex>.
any value—Configures IPv4 protocol value as a name or as <1-byte-hex>.
pos—Configures IPv4 protocol position.

apps netflow exporter alias <alias> filter add pass ipv4 src

any [range <ipv4_address..ipv4_address>] | [value <IP address>] | pos <1-3>

Adds a new exporter pass filter rule for IPv4 source address as follows:

any range—Configures IPv4 source address range as <ipv4_address..ipv4_address>.
any value—Configures IPv4 source address value as <IP address>.
pos—Configures IPv4 source address position.

apps netflow exporter alias <alias> filter add pass ipv4 tosval

any [range <1-byte-hex..1-byte-hex> | value <1-byte-hex>] | pos <1-3>

Adds a new exporter pass filter rule for IPv4 Type of Service (TOS) as follows:

any range—Configures IPv4 type of service range as <1-byte-hex..1-byte-hex>.
any value—Configures IPv4 type of service value as <1-byte-hex>.
pos—Configures IPv4 type of service position.

apps netflow exporter alias <alias> filter add pass ipv6 dcsp

any value <af11 | af12 | af13 | af21 | af22 | af23 | af31 | af32 | af33 | af41 | af42 | af43 | ef> | pos <1-3>

Adds a new exporter pass filter rule for IPv6 DiffServ Code Point (DSCP) bits as follows:

any value—Configures IPv6 DSCP bits value for Assured Forwarding Class 1 to Class 4 with Low, Med, or High Drop, or for Expedited Forwarding.
pos—Configures IPv6 DSCP bits position.

apps netflow exporter alias <alias> filter add pass ipv6 dst

any [range <ipv6_address..ipv6_address>] | [value <ipv6 address>] | pos <1-3>

Adds a new exporter pass filter rule for IPv6 destination address as follows:

any range—Configures IPv6 destination address range as <ipv6_address..ipv6_address>.
any value—Configures IPv6 destination address value as <ipv6 address>.
pos—Configures IPv6 destination address position.

apps netflow exporter alias <alias> filter add pass ipv6 flow-label

any [range <3-byte-hex..3-byte-hex> | [value <3-byte-hex>] | pos <1-3>

Adds a new exporter pass filter rule for IPv6 flow label as follows:

any range—Configures IPv6 flow label range as <3-byte-hex..3-byte-hex>.
any value—Configures IPv6 flow label value as <3-byte-hex>.
pos—Configures IPv6 flow label position.

apps netflow exporter alias <alias> filter add pass ipv6 src

any [range <ipv6_address..ipv6_address>] | [value <ipv6 address>] | pos <1-3>

Adds a new exporter pass filter rule for IPv6 source address as follows:

any range—Configures IPv6 source address range as <ipv6_address..ipv6_address>.
any value—Configures IPv6 source address value as <ipv6 address>.
pos—Configures IPv6 source address position.

apps netflow exporter alias <alias> filter add pass l4port dst

any [range <x..y>] | [value <0-65535>] | pos <1-3>

Adds a new exporter pass filter rule for Layer 4 (L4) destination port as follows:

any range—Configures L4 destination port range as a range between 0 and 65535, <x..y>.
any value—Configures L4 destination port value as a number between 0 and 65535.
pos—Configures L4 destination port position.

apps netflow exporter alias <alias> filter add pass l4port src

any [range <x..y>] | [value <0-65535>] | pos <1-3>

Adds a new exporter pass filter rule for Layer 4 (L4) source port as follows:

any range—Configures L4 source port range as a range between 0 and 65535, <x..y>.
any value—Configures L4 source port value as a number between 0 and 65535.
pos—Configures L4 source port position.

apps netflow exporter alias <alias> filter add pass mac dst

any [range <MAC_address..MAC_address>] | [value <MAC_address>] | pos <1-3>

Adds a new exporter pass filter rule for MAC destination address as follows:

any range—Configures MAC address range as <MAC_address..MAC_address>.
any value—Configures MAC address value as <MAC_address>.
pos—Configures MAC address position.

apps netflow exporter alias <alias> filter add pass mac src

any [range <MAC_address..MAC_address>] | [value <MAC_address>] | pos <1-3>

Adds a new exporter pass filter rule for MAC source address as follows:

any range—Configures MAC address range as <MAC_address..MAC_address>.
any value—Configures MAC address value as <MAC_address>.
pos—Configures MAC address position.

apps netflow exporter alias <alias> filter add pass vlan id

any [range <vlan1..vlan2>] | [value <1-4094>] | pos <1-4>

Adds a new exporter pass filter rule for VLAN ID as follows:

any range—Configures VLAN ID range as <vlan1..vlan2>.
any value—Configures VLAN ID value as a number between 1 and 4094.
pos—Configures VLAN ID position.

apps netflow exporter alias <alias> filter delete

all | filter-id <ID>

Deletes all existing filters on this exporter or deletes a filter by filter ID.

apps netflow exporter alias <alias> format

 

Specifies NetFlow Generation Exporter formats.

apps netflow exporter alias <alias> format cef version

 

Specifies NetFlow Generation Exporter Common Event Format (CEF).

 

23

Specifies CEF version 23.

apps netflow exporter alias <alias> format netflow version

 

Specifies NetFlow Generation Exporter versions.

 

ipfix

Specifies IPFIX.

 

netflow-v5

Specifies version 5 (v5).

 

netflow-v9

Specifies version 9 (v9). This is the default NetFlow version.

apps netflow exporter alias <alias> snmp

enable

Enables SNMP for a specified NetFlow exporter. When enabled, SNMP requests that are sent by the external exporter will be replied so that external NetFlow collectors can integrate with GigaSMART NetFlow Generation.

The default port is the SNMP UDP port. The default port number is 161.

apps netflow exporter alias <alias> template-refresh-interval

 

Specifies the NetFlow Generation template and option template refresh interval.

 

<1-216000>

Specifies the NetFlow Generation template timeout in seconds. The default is 1800.

apps netflow exporter alias <alias> transport

 

Specifies the NetFlow Generation Exporter Transport Protocol.

 

udp

Uses the NetFlow Generation UDP Transport Protocol. This is the default. The default port for syslog (for CEF format) is 514.

 

<port>

Specifies the port on which the NetFlow Generation Collector is listening. The default port for NetFlow is 2055.

apps netflow exporter alias <alias> ttl

 

Specifies the NetFlow Generation Time-To-Live (TTL) value.

 

<1-255>

Specifies the NetFlow Generation Time-To-Live value in seconds. The default is 64.

apps netflow monitor

 

Configures a NetFlow Generation Monitor.

 

alias

Configures an alias for the NetFlow Generation Monitor.

apps netflow monitor alias

<alias>

Specifies the NetFlow Monitor alias.

apps netflow monitor alias <alias>

<cr>

Enters NetFlow Generation Monitor Mode to configure a NetFlow Generation Monitor.

 

cache

Configures NetFlow Generation cache parameters.

 

description

Specifies a description for the NetFlow Generation Monitor.

 

port-list

Configures the monitor to scan specific ports for SSL. Use with NetFlow SSL metadata.

 

record

Associates a NetFlow Generation Record to the NetFlow Generation Monitor.

 

sampling

Configures NetFlow Generation Monitor sampling parameters.

apps netflow monitor alias <alias> cache

 

Specifies cache parameters for the NetFlow Generation Monitor.

 

timeout

Specifies a timeout for the entries in the NetFlow Generation cache.

apps netflow monitor alias <alias> cache timeout

 

Configures the monitor cache timeout.

 

active

Specifies the active NetFlow Generation timeout in seconds.

 

event

Specifies that the NetFlow Generation Record is generated and exported in the NetFlow Generation cache on an event.

 

inactive

Specifies the inactive NetFlow Generation timeout in seconds.

apps netflow monitor alias <alias> cache timeout active

 

Configures monitor cache timeout active.

 

<1-604800>

Specifies the active NetFlow Generation timeout value in seconds. The default is 1800.

apps netflow monitor alias <alias> cache timeout event

 

Configures monitor cache timeout event.

 

none

Configures a monitor cache timeout event of none.

 

transaction-end

Specifies that the NetFlow Generation Record is generated and exported in the NetFlow Generation Cache at the end of a transaction.

apps netflow monitor alias <alias> cache timeout inactive

 

Configures monitor cache timeout inactive.

 

<1-604800>

Specifies the inactive NetFlow Generation timeout value in seconds. The default is 15.

apps netflow monitor alias <alias> description

<string>

Specifies a description for the NetFlow Generation Monitor.

apps netflow monitor alias <alias> port-list add

<0 to 65535>

Adds specific ports to scan for SSL. List up to 10 ports to attach to the monitor. Use commas to separate the ports in the list. For example, 443,993,1000.

apps netflow monitor alias <alias> port-list all

 

Adds all ports to scan for SSL.

apps netflow monitor alias <alias> port-list delete

<0 to 65535>

Deletes specific ports to scan for SSL. List up to 10 ports to delete from the monitor. Use commas to separate the ports in the list. For example, 993,636.

apps netflow monitor alias <alias> port-list well-known-ports

 

Specifies the following SSL ports to scan for SSL:

IMAP_SSL_PORT 993
POP3_SSL_PORT 995
SMTP_SSL_PORT 465
LDAP_SSL_PORT 636
NNTP_SSL_PORT 563
HTTP_SSL_PORT 443

apps netflow monitor alias <alias> record

 

Adds or deletes a NetFlow record to or from a monitor.

 

add

Adds one or more records to a monitor, up to 5.

apps netflow monitor alias <alias> record add

<monitor record>

Specifies a name of a monitor record.

 

predefined netflow_v5_record

Specifies a predefined NetFlow monitor record, a V5 fixed record template.

apps netflow monitor alias <alias> record delete

delete <all | record-id>

Deletes all records associated with the monitor or deletes a specific record from a monitor using the record identifier.

apps netflow monitor alias <alias> sampling

 

Enables sampling or defines the sampling rates for a NetFlow monitor.

 

set

Enables sampling for a NetFlow monitor and specifies the type of sampling to be performed:

multi-rate
no-sampling
single-rate

apps netflow monitor alias <alias> sampling set

multi-rate

Enables multi-rate sampling for a NetFlow monitor. Multi-rate sampling can be applied to any record.

 

no-sampling

Disables sampling for a NetFlow monitor.

 

single-rate

Enables single-rate sampling for a NetFlow monitor. Single-rate applies to all records.

apps netflow monitor alias <alias> sampling single-rate

1 in <10-16000>

Defines the sampling rate for single-rate sampling by specifying a number for 1 in N, where N is the packet count from 10 to 16000.

apps netflow record

 

Configures a NetFlow Generation Record template.

 

alias

Configures an alias for a NetFlow Generation Record.

apps netflow record alias

 

Specifies an alias name for a NetFlow Generation Record.

 

<alias>

Specifies a NetFlow record alias.

apps netflow record alias <alias>

 

Specifies the NetFlow Generation Record alias parameters.

 

<cr>

Enters NetFlow Generation Record Mode to configure a NetFlow Generation Record template.

 

collect

Configures a non-key field for the NetFlow Generation Record.

 

description

Specifies a description for the NetFlow Generation Record (optional).

 

export-blank-pen

Configures the export of a blank pen record that contains a mix of private enterprise elements and non-private enterprise elements, however during runtime, the private enterprise elements are empty.

The options are as follows:

yes—Exports the blank or empty PEN records to the collector.
no—Does not export the blank or empty PEN records to the collector.

 

exporter

Assigns an exporter to a NetFlow record.

 

match

Configures a key field for the NetFlow Generation Record.

 

netflow-version

Specifies the NetFlow Generation Record version.

 

sampling

Adds or deletes sampling for a NetFlow record. 1 in 1 (no sampling) is the default.

apps netflow record alias <alias> collect

 

Specifies the NetFlow Generation non-key fields of the NetFlow Generation Record.

 

add

Adds a new NetFlow Generation Collect non-key field.

 

delete

Deletes an existing NetFlow Generation collect non-key field.

apps netflow record alias <alias> collect add <collect_type> <parameters>

 

Specifies the collect type and its parameters.

apps netflow record alias <alias> collect add counter

 

Adds a new NetFlow Generation Collect counter field.

apps netflow record alias <alias> collect add datalink

 

Adds a new NetFlow Generation Collect datalink field.

apps netflow record alias <alias> collect add flow

end-reason

Adds a new NetFlow Generation Collect flow field.

apps netflow record alias <alias> collect add interface input name

input name [width <1-32>]

Specifies the interface name as follows:

width—Specifies an optional parameter that indicates the size of the field, from 1 to 32 bytes. If not specified, the width of the interface name will be a maximum of 32 bytes.

In the NetFlow record, the collect field for the interface input name includes the interface ID in the format <box ID>/<slot ID>/<port ID>, for example, 1/1/x1, as well as the alias, if there is an alias associated with the interface. The total number of characters for the interface ID and alias is 128.

apps netflow record alias <alias> collect add interface input physical | output physical

<input | output> physical [width <2 | 4>]

Specifies the recording interface (ingress and/or egress) as one of the fields to be sent in the NetFlow record as follows:

input and/or output—Specifies one or both ingress and egress interfaces as collect fields.
width—Specifies an optional parameter that indicates the size of the field. The valid values are as follows:
o IPFIX: 4 bytes.
o V9: 2 or 4 bytes. The default is 2. Do not use the default of 2 for v9. Specify a width of 4 to match the actual interface port ID width, which is 4 bytes.

apps netflow record alias <alias> collect add ipv4

 

Adds a new NetFlow Generation Collect ipv4 field.

apps netflow record alias <alias> collect add ipv6

 

Adds a new NetFlow Generation Collect ipv6 field.

apps netflow record alias <alias> collect add private

pen <pen name> dns <additional-class [number-of-collects <1-10>] | additional-class-text [number-of-collects <1-10>] |additional-name [number-of-collects <1-10>] | additional-rd-length [number-of-collects <1-10>] | additional-rdata [number-of-collects <1-10> | width <1-128>] | additional-ttl [number-of-collects <1-10>] | additional-type [number-of-collects <1-10>] | additional-type-text [number-of-collects <1-10>] | an-count | ar-count |authority-class [number-of-collects <1-10>] |

Specifies the private enterprise name (pen) for capturing packets containing Domain Name Service (DNS) information as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
number-of-collects—Specifies an optional parameter that indicates the number of instances of elements that can be collected for a DNS request. The default value is 1. The range is from 1 to 10.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 128 bytes. The default is 64.
additional-class—Specifies the additional class containing one of the RR class codes.
additional-class-text—Specifies the text string of the hexadecimal value of the additional class containing one of the RR class codes.
additional-name—Specifies the domain name in the additional records section.
additional-rd-length—Specifies the length of the rdata field in the additional records section.
additional-rdata—Specifies the length of the rdata field in the additional records section.
additional-ttl—Specifies the time-to-live (TTL), which is the time interval in seconds that the record is cached in the additional records section.
additional-type—Specifies the additional type containing one of the RR type codes.
additional-type-text—Specifies the text string of the hexadecimal value of the additional type containing one of the RR type codes.
an-count—Specifies the number of resource records in the answer section.
ar-count—Specifies the number of resource records in the additional records section.
authority-class—Specifies the authority class containing one of the RR class codes.

apps netflow record alias <alias> collect add private

(continued)

authority-class-text [number-of-collects <1-10>] | authority-name [number-of-collects <1-10>] | authority-rd-length [number-of-collects <1-10>] | authority-rdata [number-of-collects <1-10> | width <1-128>] | authority-ttl [number-of-collects <1-10>] | authority-type [number-of-collects <1-10>] | authority-type-text [number-of-collects <1-10>] | bits | identifier | ns-count | op-code | qd-count | query-class [number-of-collects <1-10>] | query-class-text [number-of-collects <1-10>] | query-name [number-of-collects <1-10>] | query-type [number-of-collects <1-10>] |

authority-class-text—Specifies the text string of the hexadecimal value of the authority class containing one of the RR class codes.
authority-name—Specifies the domain name in the authority section.
authority-rd-length—Specifies the length of the rdata field in the authority section.
authority-rdata—Specifies the content that describes the resource in the authority section.
authority-ttl—Specifies the time-to-live (TTL), which is the time interval in seconds that the record is cached in the authority section.
authority-type—Specifies the authority type containing one of the RR type codes.
authority-type-text—Specifies the text string of the hexadecimal value of the authority type containing one of the RR type codes.
bits—Specifies the variable length of a bit map.
identifier—Specifies an identifier generated by the device that creates the DNS query and is copied by the server into the response so it can be used by that device to match that query to the corresponding reply received from the DNS server.
ns-count—Specifies the number of the name server (NS) resource records in the authority records section.
op-code—Specifies the query type.
qd-count—Specifies the number of entries in the question section.
query-class—Specifies the query format containing one of the RR class codes.
query-class-text—Specifies the text string of the hexadecimal value of the query class containing one of the RR type codes.
query-name—Specifies the domain name requested in the query (maximum 64 bytes).
query-type—Specifies the query format containing one of the RR type codes.

apps netflow record alias <alias> collect add private

(continued)

query-type-text [number-of-collects <1-10>] | response-class [number-of-collects <1-10>] | response-class-text [number-of-collects <1-10>] | response-code | response-ipv4-addr [number-of-collects <1-10>] |response-ipv4-addr-text [number-of-collects <1-10>] |response-ipv6-addr [number-of-collects <1-10>] | response-ipv6-addr-text [number-of-collects <1-10>]response-name [number-of-collects <1-10>] | response-rd-length [number-of-collects <1-10>] | response-rdata [number-of-collects <1-10> | width <1-128>] | response-ttl [number-of-collects <1-10>] | response-type [number-of-collects <1-10>] |response-type-text [number-of-collects <1-10>]>

query-type-text—Specifies the text string of the hexadecimal value of the query format containing one of the RR type codes.
response-class—Specifies the response format containing one of the RR class codes.
response-class-text—Specifies the text string of the hexadecimal value of the response format containing one of the RR class codes.
response-code—Specifies the type of the response.
response-ipv4-addr—Specifies the IPv4 address in the response if the response type host and class are Internet/IPv4.
response-ipv4-addr-text—Specifies the text string of the hexadecimal value of the IPv4 address in the response if the response type host and class are Internet/IPv4.
response-ipv6-addr—Specifies the IPv6 address in the response if the response type host and class are Internet/IPv6.
response-ipv6-addr-text—Specifies the text string of the hexadecimal value of the IPv6 address in the response if the response type host and class are Internet/IPv6.
response-name—Specifies the domain name in the response (maximum 64 bytes).
response-rd-length—Specifies the length of the rdata field in the response data field.
response-rdata—Specifies the content that describes the resource in the response data field.
response-ttl—Specifies the time-to-live (TTL), which is the time interval in seconds that the record is cached.
response-type—Specifies the response type containing one of the RR Type codes.
response-type-text—Specifies the text string of the hexadecimal value of the response type containing one of the RR Type codes.

apps netflow record alias <alias> collect add private

pen <pen name> http response-code

Specifies the private enterprise name (pen) for capturing HTTP response codes as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
response-code—Captures any packet with an HTTP response code embedded in it. For IPFIX only.

apps netflow record alias <alias> collect add private

pen <pen name> http url [width <1-250>]

Specifies the private enterprise name (pen) for capturing packet URLs as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
url—Captures any packet with a URL embedded in it. For IPFIX only.
width—Specifies an optional parameter that indicates the maximum URL length that is allowed in the data record, from 1 to 250 bytes. If not specified, the URL will be a maximum of 128 bytes.

apps netflow record alias <alias> collect add private

pen <pen name> http user-agent [width <1-250>]

Specifies the private enterprise name (pen) for capturing user agents as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
user-agent—Gathers information about the user agent involved in the packet transfer. The user agent appears in the HTTP request header. It is a variable that will be filled in by the browser.
width—Specifies an optional parameter that indicates the maximum user agent length that is allowed in the data record, from 1 to 250 bytes. If not specified, the user agent length has a default of 150 bytes.

apps netflow record alias <alias> collect add private

pen <pen name> ssl certificate <issuer [width <1-250>] | issuerCommonName [width <1-64>] | serialNumber | serialNumber-text | signatureAlgorithm |signatureAlgorithm-text | subject [width <1-250>] | subjectAlgorithm | subjectAlgorithm-text |

Specifies the private enterprise name (pen) for capturing SSL certificate metadata as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
issuer—Specifies the certificate issuer.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 250 bytes. The default is 128.
issuerCommonName—Specifies the certificate issuer common name, which is a subset of issuer.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 64 bytes. The default is 32.
serialNumber—Specifies the unique number for each certificate issued by a given CA.
serialNumber-text—Specifies the text string of the hexadecimal value of the unique number for each certificate issued by a given CA.
signatureAlgorithm—Specifies the identifier for the cryptographic algorithm used by the CA to sign the certificate.
signatureAlgorithm-text—Specifies the text string of the hexadecimal value of the identifier for the cryptographic algorithm used by the CA to sign the certificate.
subject—Specifies the certificate subject.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 250 bytes. The default is 128.
subjectAlgorithm—Specifies the subject public key algorithm used, such as RSA or DSA.
subjectAlgorithm-text—Specifies the text string of the hexadecimal value of the subject public key algorithm used, such as RSA or DSA.

apps netflow record alias <alias> collect add private

(continued)

subjectAltName [width <1-64>] | subjectCommonName | [width <1-64>] | subjectKeySize | validNotAfter | validNotAfter-text | validNotBefore | validNotBefore-text>

subjectAltName—Specifies the subject alternative name, which allows identities to be bound to the subject. The first subjectAltName present in the certificate is collected.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 64 bytes. The default is 32.
subjectCommonName—Specifies the certificate subject common name, which is a subset of subject.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 64 bytes. The default is 32.
subjectKeySize—Specifies the subject public key size.
validNotAfter—Specifies the date on which the certificate validity period ends. The format is YYMMDDHHMMSSZ, where Z is Zulu time (GMT).
validNotAftertext—Specifies the text string of the date on which the certificate validity period ends. The format is MMM DD HH:SS YYYY GMT.
validNotBefore—Specifies the text string of the date on which the certificate validity period begins. The format is YYMMDDHHMMSSZ, where Z is Zulu time (GMT).
validNotBefore-text—Specifies the text string of the date on which the certificate validity period begins. The format is MMM DD HH:SS YYYY GMT.

 

apps netflow record alias <alias> collect add private

pen <pen name> ssl server <cipher | cipher-text | compressionMethod | nameIndication [width <1-64>] | sessionId | version | version-text>

Specifies the private enterprise name (pen) for capturing SSL server metadata as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
cipher—Specifies the cipher that the server agreed to use for that session.
cipher-text—Specifies the text string of the hexadecimal value of the cipher that the server agreed to use for that session.
compressionMethod—Specifies the server compression method, which is typically NULL.
nameIndication—Specifies the extension to the TLS protocol by which a client indicates the hostname to which it is attempting to connect at the start of the handshaking process.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 64 bytes. The default is 32.
sessionId—Specifies the session identifier, generated by a server, which identifies a particular session.
version—Specifies the version of SSL.
version-text—Specifies the text string of the hexadecimal value of the version of SSL.

 

apps netflow record alias <alias> collect add private

pen <pen name> ssl server <cipher | cipher-text | compressionMethod | nameIndication [width <1-64>] | sessionId | version | version-text>

Specifies the private enterprise name (pen) for capturing SSL server metadata as follows:

pen <pen name>—Specifies a pen name. The only valid pen name is gigamon.
cipher—Specifies the cipher that the server agreed to use for that session.
cipher-text—Specifies the text string of the hexadecimal value of the cipher that the server agreed to use for that session.
compressionMethod—Specifies the server compression method, which is typically NULL.
nameIndication—Specifies the extension to the TLS protocol by which a client indicates the hostname to which it is attempting to connect at the start of the handshaking process.
width—Specifies an optional parameter that indicates the maximum length of the field, from 1 to 64 bytes. The default is 32.
sessionId—Specifies the session identifier, generated by a server, which identifies a particular session.
version—Specifies the version of SSL.
version-text—Specifies the text string of the hexadecimal value of the version of SSL.

 

apps netflow record alias <alias> collect add timestamp

flow-start-sec | flow-end-sec | flow-start-msec | flow-end-msec | sys-uptime <first | last>

Adds a new NetFlow Generation Collect timestamp field.

apps netflow record alias <alias> collect add transport

 

Adds a new NetFlow Generation Collect transport field.

apps netflow record alias <alias> collect delete

 

Configures record collect delete.

 

all

Deletes all NetFlow Generation collect non-key fields with an associated NetFlow Generation Record.

 

collect-id

Deletes NetFlow Generation collect non-key fields corresponding to a particular Collect ID.

apps netflow record alias <alias> collect delete collect-id

 

Deletes collect key field corresponding to a Collect ID.

 

<integer>

Specifies the collect ID.

apps netflow record alias <alias> description

 

Specifies a description for the NetFlow Generation Record.

 

<string>

Specifies a description for the NetFlow Generation Record.

apps netflow record alias <alias> export-blank-pen

 

Specifies whether or not to export a NetFlow record when there is a mix of private and non-private elements in the record.

 

no

Does not export the NetFlow record when there is a mix of private and non-private elements in the record.

 

yes

Exports the NetFlow record when there is a mix of private and non-private elements in the record.

apps netflow record alias <alias> exporter

 

Adds an exporter to a NetFlow record, or removes an exporter from a NetFlow record.

 

add <record exporter>

Adds an exporter to a NetFlow record.

 

delete <all | exporter-id <exporter-id>

Removes an exporter from a NetFlow record or removes all exporters.

apps netflow record alias <alias> match

 

Specifies key fields for the NetFlow Generation Record.

 

add

Adds a NetFlow Generation new match key field.

 

delete

Deletes an existing NetFlow Generation match key field.

apps netflow record alias <alias> match add <match_type> <parameters>

 

Specifies the NetFlow Generation match type and its associated parameters.

apps netflow record alias <alias> match add datalink

 

Adds a new NetFlow Generation Match datalink field.

apps netflow record alias <alias> match add interface

input physical [width <2 | 4>]

Specifies the input interface as one of the key fields for flow identification as follows:

input—Denotes using the packet ingress interface as key field.
width—Specifies an optional parameter that indicates the size of the field. The valid values are as follows:
o IPFIX: 4 bytes.
o V9: 2 or 4 bytes. The default is 2. Do not use the default of 2 for v9. Specify a width of 4 to match the actual interface port ID width, which is 4 bytes.

apps netflow record alias <alias> match add ipv4

 

Adds a new NetFlow Generation Match ipv4 field.

apps netflow record alias <alias> match add ipv6

 

Adds a new NetFlow Generation Match ipv6 field.

apps netflow record alias <alias> match add transport

 

Adds a new NetFlow Generation Match transport field.

apps netflow record alias <alias> match delete

 

Configures record match delete.

 

all

Deletes all NetFlow Generation Match key fields for a particular NetFlow Generation Flow Record.

 

match-id

Deletes the NetFlow Generation match key field corresponding to a particular Match ID.

apps netflow record alias <alias> match delete match-id

 

Deletes match key field corresponding to Match ID.

 

<integer>

Specifies a match ID.

apps netflow record alias <alias> netflow-version

 

Specifies a version for the NetFlow Generation Record.

 

ipfix

Specifies NetFlow Generation Version IPFIX.

 

netflow-v9

Specifies NetFlow Generation version 9. This is the default.

apps netflow record alias <alias> sampling

 

Specifies a sampling rate or disables sampling on a NetFlow record.

 

delete

Disables sampling on a NetFlow record.

 

set

Specifies the sampling rate for a NetFlow record as 1 in N, where N is a number from 1 to 16000.

gsparams gsgroup <alias>

 

Associates a NetFlow Generation Monitor to a specified GigaSMART group.

 

netflow-monitor

Enables a NetFlow Generation Monitor on a GigaSMART group.

gsparams gsgroup <alias> netflow-monitor

 

Configures NetFlow Monitor.

 

add <Monitor name>

Adds a NetFlow Generation Monitor.

 

delete

Deletes a NetFlow Generation Monitor.

gsop alias <alias> flow-ops

 

Enables flow processing.

 

netflow

Enables NetFlow Generation.

Related Commands

The following table summarizes other commands related to the apps netflow command:

Task

Command

Displays general NetFlow information.

# show apps netflow

Displays NetFlow exporters.

# show apps netflow exporter

Displays NetFlow exporter for a specified alias.

# show apps netflow exporter alias exp1

Displays all NetFlow exporters configured.

# show apps netflow exporter all

Displays NetFlow exporter statistics.

# show apps netflow exporter stats

Displays statistics for a specified NetFlow exporter.

# show apps netflow exporter stats alias exp1

Displays statistics for all NetFlow exporters.

# show apps netflow exporter stats all

Displays NetFlow monitors.

# show apps netflow monitor

Displays NetFlow monitor for a specified alias.

# show apps netflow monitor alias mon1

Displays all NetFlow monitors configured.

# show apps netflow monitor all

Displays NetFlow monitor statistics.

# show apps netflow monitor stats

Displays statistics for a specified NetFlow monitor.

# show apps netflow monitor stats alias mon1

Displays statistics for all NetFlow monitors.

# show apps netflow monitor stats all

Displays NetFlow port ID.

# show apps netflow port-id

Displays NetFlow records.

# show apps netflow record

Displays NetFlow record for a specified alias.

# show apps netflow record alias rec1

Displays all NetFlow records configured.

# show apps netflow record all

Deletes a specified NetFlow exporter.

(config) # no apps netflow exporter alias exp1

Disables SNMP for a specified NetFlow exporter.

(config) # no apps netflow exporter alias exp1 snmp enable

Disables SNMP for a specified NetFlow exporter.

(config) # apps netflow exporter alias exp1 no snmp enable

Deletes all NetFlow exporters.

(config) # no apps netflow exporter all

Deletes a specified NetFlow monitor.

(config) # no apps netflow monitor alias mon1

Deletes all NetFlow monitors.

(config) # no apps netflow monitor all

Deletes a specified NetFlow record.

(config) # no apps netflow record alias rec1

Deletes the predefined NetFlow v5 record.

(config) # no apps netflow record alias predefined_netflow_v5_record

Deletes all NetFlow records.

(config) # no apps netflow record all