For details on cookie usage on our site, read our Privacy Policy
Does anyone know what the netflow sample rate is on PA5000 series? Is it 1 to 1 or 1 to 50?
- LIVEcommunity
- Discussions
- General Topics
- Does anyone know what the netflow sample rate is on PA5000 series? Is it 1 to 1 or 1 to 50?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Does anyone know what the netflow sample rate is on PA5000 series? Is it 1 to 1 or 1 to 50?
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-25-2013 07:35 AM
We are sending netflow traffic to our SIEM and wanted to know is what the sample rate if there is one on our 5060s. We have to gage our SIEM retention based on flows per second. We are putting in more 5060s and trying to figure out how much netflow traffic would be sent there.
- Mark as New
- Subscribe to RSS Feed
- Permalink
07-25-2013 10:50 PM
I don't think PA firewalls support sampling rate for Netflow .
Sampling Rate was a introduced by Cisco and is also configurable on Juniper Firewalls.
Following configurable factors govern how/when the Netflow records are exported to the Netflow Collector:
#Template Refresh Rate:
Minutes : No. of packets after which the Netflow template is refreshed . (default 30 min,range 1-3600)
OR
Packets : No. of packets after which the Netflow template is refreshed. ( default 20 ,range 1-600)
#Active Timeout
Frequency at which data records are exported for each session (minutes).(Def-5 max 60)
Netflow stats can be viewed from the CLI using the following CLI command:
>debug log-receiver netflow statistics
HTH
- Downgared or migration PA7000 series to PA5000 Series in Next-Generation Firewall Discussions
- Netflow & 3200 Series in General Topics
- MT v3.3.15 doesn't appear to import/upload PANOS xml file from my PA-820 running v8.0.7 in General Topics
- Logs to both Panorama in HA in General Topics
- [PA5000] I want to know about End-of-Sale of PA5000 series firewall. in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
