Is anyone successfully getting NetFlow to work on Cisco 9300 switch stacks? I only get the CBQoS information to display, not NetFlow. Here's my config:
flow record OrionFlowRecord
description Flow Record for Orion and QRadar
match ipv4 tos
match ipv4 protocol
match ipv4 source address
match ipv4 destination address
match transport source-port
match transport destination-port
collect transport tcp flags
collect counter bytes long
collect counter packets long
collect timestamp absolute first
collect timestamp absolute last
!
!
flow exporter OrionFlowExporter
description NetFlow exporter to Orion
destination 10.2.12.210
source Vlan100
transport udp 2055
template data timeout 90
option application-table timeout 60
option application-attributes timeout 300
!
!
flow exporter QRadarFlowExporter
description NetFlow exporter to QRadar
destination 10.2.100.7
source Vlan100
transport udp 2048
template data timeout 90
option application-table timeout 60
option application-attributes timeout 300
!
!
flow monitor OrionQRadarFlowMonitor
description NetFlow monitor for Orion and QRadar
exporter QRadarFlowExporter
exporter OrionFlowExporter
cache timeout inactive 30
cache timeout active 60
record OrionFlowRecord
interface TenGigabitEthernet1/1/8
description LAN Routed link to DC-Core1 T1/2
no switchport
ip flow monitor OrionQRadarFlowMonitor input
ip flow monitor OrionQRadarFlowMonitor output
ip address 10.255.3.1 255.255.255.252
no ip redirects
no ip proxy-arp
ip ospf message-digest-key 10 md5 7
service-policy input AutoQos-4.0-Trust-Cos-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
ip nbar protocol-discovery
