Cisco ASA 5505 User Manual
Page 1770
78-6
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 78 Configuring NetFlow Secure Event Logging (NSEL)
Configuring NSEL
Step 3
policy-map
flow_export_policy
Example:
hostname(config)# policy-map flow_export_policy
Defines the policy map to apply flow-export actions
to the defined classes. The flow_export_policy
argument is the name of the policy map.
If you create a new policy map and apply it globally
according to Step 6, the remaining inspection policies
are deactivated.
Alternatively, to insert a NetFlow class in the existing
policy, enter the class flow_export_class command
after the policy-map global_policy command.
For more information about creating or modifying
the Modular Policy Framework, see
“Configuring a Service Policy Using the Modular
Policy Framework.”
Step 4
class
flow_export_class
Example:
hostname (config-pmap)# class flow_export_class
Defines the class to apply flow-export actions. The
flow_export_class argument is the name of the class.
Step 5
flow-export event-type
event-type destination
flow_export_host1 [flow_export_host2]
Example:
hostname (config-pmap-c)# flow-export event-type all
destination 209.165.200.230
Configures a flow-export action. The event_type
keyword is the name of the supported event being
filtered. The flow_export_host argument is the IP
address of a host. The destination keyword is the IP
address of the configured collector.
Step 6
service-policy
flow_export_policy global
Example:
hostname (config)# service-policy flow_export_policy
global
Adds or edits the service policy globally. The
flow_export_policy argument is the name of the
policy map.
Command
Purpose