Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Current »

Introduction

The tags beginning with netstat.netflow identify NetFlow event data.

Valid tags and data tables 

The full tag must have 4 levels. The first two are fixed as netstat.netflow. The third level identifies the type of events sent and the fourth indicates the event subtypes.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

NetFlow traffic

netstat.netflow.ipfix

netstat.netflow.ipfix

netstat.netflow.lt

netstat.netflow.lt

netstat.netflow.v9

netstat.netflow.v9

For more information, read more about Devo tags.

Sending to Devo

NetFlow traffic should be forwarded to the dedicated, preconfigured NetFlow port 12999 on a Devo Relay for v7 and earlier. For v9 and later, Netflow traffic should be forwarded to the dedicated, preconfigured NetFlow port 12998 but it also needs an additional decoder installed (please contact Devo for this). All events received on these ports are tagged accordingly and forwarded securely to the Devo Cloud.

  • No labels