YAF Flow Probe Configuration

This document outlines the steps to configure YAF Flow Probe for IPFIX flow export with ObserveOps Flow Explorer.

Configuration Steps

Run the YAF flow probe with the following command, targeting the Motadata ObserveOps server:

sudo yaf --in eth0 --live pcap --out {MOTADATA_NETFLOW_SERVER_IP} --ipfix udp --ipfix-port=2055 --stats=300 --mac --idle-timeout=60 --active-timeout=60 --udp-temp-timeout=300 --force-read-all --silk --observation-domain=42 --flow-stats --delta --ingress=1 --egress=1 --max-payload=128 --export-payload --udp-payload --entropy --applabel --p0fprint --fpexport

After completing the configuration, navigate to Menu > Flow Explorer and select Explorer to view the active flow data.

Configuration Steps​

Configuration Steps