Cisco Cisco ASA 5525-X Adaptive Security Appliance
11
Cisco ASA NetFlow Implementation Guide
About NSEL
Templates for Extended Flow Teardown Events
describes the templates that are used for extended flow-teardown events.
Table 6
Templates for Extended Flow Teardown Events
Description
Fields
Extended IPv44 flow
teardown with common
username size (20 chars)
teardown with common
username size (20 chars)
NF_F_CONN_ID, NF_F_SRC_ADDR_IPV4, NF_F_SRC_PORT,
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV4, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE,
NF_F_ICMP_CODE, NF_F_XLATE_SRC_ADDR_IPV4,
NF_F_XLATE_DST_ADDR_IPV4, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV4, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE,
NF_F_ICMP_CODE, NF_F_XLATE_SRC_ADDR_IPV4,
NF_F_XLATE_DST_ADDR_IPV4, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME
Extended IPv44 flow
teardown with maximum
username size (65 chars)
teardown with maximum
username size (65 chars)
NF_F_CONN_ID, NF_F_SRC_ADDR_IPV4, NF_F_SRC_PORT,
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV4, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE,
NF_F_ICMP_CODE, NF_F_XLATE_SRC_ADDR_IPV4,
NF_F_XLATE_DST_ADDR_IPV4, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT,
NF_F_EVENT_TIME_MSEC,NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME_MAX
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV4, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE,
NF_F_ICMP_CODE, NF_F_XLATE_SRC_ADDR_IPV4,
NF_F_XLATE_DST_ADDR_IPV4, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT,
NF_F_EVENT_TIME_MSEC,NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME_MAX
Extended IPv66 flow
teardown with common
username size (20 chars)
teardown with common
username size (20 chars)
NF_F_CONN_ID, NF_F_SRC_ADDR_IPV6, NF_F_SRC_PORT,
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV6, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE_IPV6,
NF_F_ICMP_CODE_IPV6, NF_F_XLATE_SRC_ADDR_IPV6,
NF_F_XLATE_DST_ADDR_IPV6, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DEST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV6, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE_IPV6,
NF_F_ICMP_CODE_IPV6, NF_F_XLATE_SRC_ADDR_IPV6,
NF_F_XLATE_DST_ADDR_IPV6, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DEST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME
Extended IPv66 flow
teardown with maximum
username size (65 chars)
teardown with maximum
username size (65 chars)
NF_F_CONN_ID, NF_F_SRC_ADDR_IPV6, NF_F_SRC_PORT,
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV6, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE_IPV6,
NF_F_ICMP_CODE_IPV6, NF_F_XLATE_SRC_ADDR_IPV6,
NF_F_XLATE_DST_ADDR_IPV6, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DEST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME_MAX
NF_F_SRC_INTF_ID, NF_F_DST_ADDR_IPV6, NF_F_DST_PORT,
NF_F_DST_INTF_ID, NF_F_PROTOCOL, NF_F_ICMP_TYPE_IPV6,
NF_F_ICMP_CODE_IPV6, NF_F_XLATE_SRC_ADDR_IPV6,
NF_F_XLATE_DST_ADDR_IPV6, NF_F_XLATE_SRC_PORT,
NF_F_XLATE_DEST_PORT, NF_F_FW_EVENT,
NF_F_FW_EXT_EVENT, NF_F_EVENT_TIME_MSEC,
NF_F_FWD_FLOW_DELTA_BYTES,
NF_F_REV_FLOW_DELTA_BYTES,
NF_F_FLOW_CREATE_TIME_MSEC, NF_F_INGRESS_ACL_ID,
NF_F_EGRESS_ACL_ID, NF_F_USERNAME_MAX