Flow monitoring is a network visibility technology that captures, analyzes, and exports detailed information about network traffic patterns using protocols such as NetFlow v5, NetFlow v9, and IPFIX (IP Flow Information Export). It provides comprehensive traffic analytics by collecting metadata about network conversations including source/destination addresses, ports, protocols, packet counts, byte counts, and timing information without examining actual packet payloads. Flow monitoring enables network administrators to perform capacity planning, security analysis, application performance monitoring, and billing by providing granular insights into network utilization patterns and application behavior.
Example 1: The example below shows configuration to monitor IPv4 traffic flows based on specified match criteria and send it to a remote collector. It configures 1 monitor which associates a flow record and a flow exporter, and manage flow cache. Flow exporter contains information to send data to the remote collector with attirbutes like destination IP, source loopback, protocol, port, etc. The flow record defines the specifics fields to match and collect from network traffic flows.