78-4
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter78 Configuring NetFlow Secure Event Logging (NSEL)
Guidelines and Limitations
Guidelines and Limitations
This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Firewall Mode Guidelines
Supported in routed and transparent firewall mode.
IPv6 Guidelines
Supports IPv6 for the class-map, match any and class-default commands. The match access-list
commands only support IPv4 access lists.
Additional Guidelines and Limitations
If you have previously configured flow-export actions using the flow-export enable command, and
you upgrade to a later version, then your configuration is automatically converted to the new
Modular Policy Framework flow-export event-type command, which is described under the
policy-map command.
Flow-export actions are not supported in interface-based policies. You can configure flow-export
actions in a class-map only with the match access-list, match any, or class-default commands. You
can only apply flow-export actions in a global service policy.
To view bandwidth usage for NetFlow records (not available in real-time), you must use the threat
detection feature.
Configuring NSEL
This section describes how to configure NSEL and includes the following topics:
Configuring NSEL Collectors, page78-5
Configuring Flow-Export Actions Through Modular Policy Framework, page78-5
Configuring Template Timeout Intervals, page78-7
Changing the Time Interval for Sending Flow-Update Events to a Collector, page78-8
Disabling and Reenabling NetFlow-related Syslog Messages, page78-9
Clearing Runtime Counters, page78-10