Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Network Configuration Manager (NCM) > NCM 7.6 Administrator Guide > Config change templates > Enable NetFlow on Cisco ASA example

Enable NetFlow on Cisco ASA example

Created by Caroline Juszczak, last modified by Anthony.Rinaldi on Oct 03, 2016

Views: 19 Votes: 0 Revisions: 5

A config change template named Enable NetFlow on CiscoASA installs with SolarWinds NCM. It configures a CiscoASA for NetFlow export.

Here are the commands that this template executes on the command line of the targeted devices selected in the template's run-time setup wizard. For this example, we are including values as if the user entered them in the wizard interface.

configure terminal
flow-export destination inside 10.10.18.157 2055
flow-export template timeout-rate 1
flow-export delay flow-create 60
logging flow-export syslogs disable
access-list netflow-export extended permit ip any
class-map netflow-export-class
match access-list netflow-export
policy-map netflow-policy
class netflow-export-class
flow-export event-type all destination 10.10.18.157
service-policy netflow-policy global
flow-export enable
exit
end

You could execute this set of CLI commands on your target device and the result would be config changes in the status of NetFlow data processing by the device.

The config change template that produces this output of CLI commands is:

/*
.CHANGE_TEMPLATE_DESCRIPTION
	This change template configures your Cisco ASA for
	NetFlow export. This was verified on an ASA 5505
	running ASA software version 8.2(1)12.
.CHANGE_TEMPLATE_TAGS
	Cisco, ASA, NetFlow
.PLATFORM_DESCRIPTION
	Cisco ASA

.PARAMETER_LABEL @ContextNode
	NCM Node
.PARAMETER_DESCRIPTION @ContextNode
	The node the template will operate on.
	All templates require this by default. The target
	node is selected during the first part of the
	wizard so it will not be available for selection
	when defining values of variables.

.PARAMETER_LABEL @NetFlowCollectorIPAddress
	NetFlow Collector IP Address
.PARAMETER_DESCRIPTION @NetFlowCollectorIPAddress
	Enter the IP address of the server running the
	NetFlow traffic analysis solution (for example:
	SolarWinds NetFlow Traffic Analyzer).

.PARAMETER_LABEL @NetFlowExportPort
	NetFlow Export Port
.PARAMETER_DESCRIPTION @NetFlowExportPort
	Enter the NetFlow export port
	The default for SolarWinds NTA is 2055.
*/

script EnableNetflowOnCiscoASA (   
		NCM.Nodes @ContextNode, 
		string @NetFlowCollectorIPAddress, 
		int @NetFlowExportPort             )
{
	// Enter configuration mode and generate
	   NetFlow commands
	CLI 
	{
		configure terminal
		flow-export destination inside @NetFlowCollectorIPAddress @NetFlowExportPort
		flow-export template timeout-rate 1
		flow-export delay flow-create 60
		logging flow-export-syslogs disable
		access-list netflow-export extended permit ip any any
		class-map netflow-export-class
		match access-list netflow-export
		policy-map netflow-policy 
		class netflow-export-class
		flow-export event-type all destination @NetFlowCollectorIPAddress
		service-policy netflow-policy global
		flow-export enable 
		exit
	}
}

Parameters

The parameters defined at the beginning of this script create an interface in which the user types the IP address and port of the NetFlow receiver.

.PARAMETER_LABEL @NetFlowCollectorIPAddress
	NetFlow Collector IP Address
.PARAMETER_DESCRIPTION @NetFlowCollectorIPAddress
	Enter the IP address of the server running the NetFlow traffic analysis solution (e.g. SolarWinds NetFlow Traffic Analyzer--NTA).

.PARAMETER_LABEL @NetFlowExportPort
	NetFlow Export Port
.PARAMETER_DESCRIPTION @NetFlowExportPort
	Enter the NetFlow export port (default for SolarWinds NTA is 2055).

The first line defines the parameter or variable name (in this case, @NetFlowCollectorIPAddress) for which the user enters a value in the wizard interface text box at run time. The second line defines the label (in this case, NetFlow Collector IP Address) that appears in the wizard interface to prompt the user to enter the appropriate IP address. The third and fourth lines define the description that appears below the wizard interface text box.

The parameters for NetFlow Export Port (in lines 5-12) function exactly the same way as the first four. The parameter variables, labels, and descriptions guide the config change template's run-time execution by receiving specific user input.

Command Declarations (script)

The script declarations include all the variables for which the template prompts the user to provide input. In this case, three variables and their data types are declared:

script EnableNetflowOnCiscoASA (   
		NCM.Nodes @ContextNode, 
		string @NetFlowCollectorIPAddress, 
		int @NetFlowExportPort             )
{

NCM.Nodes is applied to the @ContextNode variable. NCM.Nodes refers to the Nodes entity in the SolarWinds Information Service (SWIS). In the interface wizard, the user enters a string value for the NetFlow Collector IP Address and an integer value for the NetFlow Export Port on the device.

For a complete list of entities and properties, see SolarWinds Information Service data entities.

CLI Commands

The majority of config change template code outputs original CLI commands with only a few parsed variables. Any time a variable is referenced, a value is used in its place. For example, since the user typed 10.10.18.157 as the IP address and 2055 as the collector port number, NetFlowCollectorIPAddress is replaced with 10.10.18.157 and @NetFlowExportPort is replaced with 2055 when the script runs.

flow-export destination inside @NetFlowCollectorIPAddress @NetFlowExportPort

The previous line of code generates the following output:

flow-export destination inside 10.10.18.157 2055

 

Last modified
11:21, 3 Oct 2016

Tags

Classifications

Public