This post is more of a survey of anyone that may be experiencing the same issue. We have a case open with PA and they have identified a bug. The fix, as I'm told, is that it will be addressed in a future release but they couldn't say when or what release. I searched the Live Community forums and found the issue occurring in an older 10.x version. https://live.paloaltonetworks.com/t5/general-topics/change-in-netflow-behavior-in-pan-os-10/m-p/3910... . This earlier post is over a year old. Our issue is identical specifically, NF is reporting application traffic in the Tbps and even Pbps range since we upgraded from 9.1.4 to 10.1.4-h4. As we use PA native SDWAN this is impacting all reporting from our WAN sites, as well as DC traffic reporting, Internet traffic reporting, etc. Our netflow collectors (Scrutinizer and Riverbed Steel Central) have been rendered useless while PA decides when to release a fix.
I'm just curious if anyone else has experienced this bug? If so, what has been your recourse to address the issue, or are you simply awaiting a fix as we are?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!