Configuring Fortigate FortiOS
This document outlines the configuration steps required to enable NetFlow flow export on Fortigate devices running FortiOS version 5.2 and above. Follow the provided commands to ensure successful integration with a ObserveOps (formerly known as AIOps) Flow Explorer server.
Configure NetFlow Export
Configure NetFlow export settings:
config system MFEnetflow
set collector-ip {MOTADATA_SERVER_IP}
set collector-port 2055
set source-ip {IP address of Device}
set active-flow-timeout 1
set inactive-flow-timeout 15
endFor each interface, execute the following:
config system interface
edit <interface name>
set MFEnetflow-sampler tx
end
Configure for VDOM Environment
For devices operating in a VDOM environment, use the following commands:
config system vdom–MFEnetflow
set vdom–MFEnetflow enable
set collector-ip {MOTADATA_SERVER_IP}
set collector-port 2055
set source-ip loopback1
endFor each interface, execute the following:
config system interface
edit <interface name>
set MFEnetflow-sampler tx
end
Review NetFlow Configuration
To verify your NetFlow configuration, use the following commands in CLI mode:
diagnose test application sflowd 3
diagnose test application sflowd 4
After completing the configuration, NetFlow data will begin exporting, and you will start seeing results in the ObserveOps Flow Explorer UI.