How to decode NetFLOW in WireShark
Article ID: 48837
Updated On:
Products
CA Application Delivery Analysis MTP (NetQoS / ADA)
CA Infrastructure Performance
CA NetVoyant (NetQoS / NV)
CA eHealth
Issue/Introduction
Description:
How to decode NetFLOW in WireShark
For more information on WireShark please go to WireShark.com website.
Solution:
- Install wireshark
- Double click on the capture file
- Filter to the device (display filter "ip.addr == 10.252.1.6")
- Right click on the netflow packets and select "Decode As"
- Transport layer, UDP destination 9995 as CFLOW
Environment
Release: RAIB1H99000-9.1-Network Flow Analysis-Interface Bundle-Hardware
Component:
Component:
Feedback
Yes
No
Powered by
