ASA NSEL "deny" flows in Netflow Analyzer

ASA NSEL "deny" flows in Netflow Analyzer

Hi,

Are there any option to view  in NetFlow Analyzer flows generated by NSEL "Deny" events (Event_ID=3)?

It is crucial for my prospective customer .

To test this funcionality, we have termporary changed ASA config  to  register only deny flows:

policy-map global-policy

class netflow-traffic

  flow-export event-type flow-denied destination NFA

 

After change I don't see any statistics in Netflow Analyzer from ASA


I also  checked raw data table in MySQL and found only  Event_ID = (0, 1 or 2) (generated before ASA config change).

In Wireshark   I see an NFA server receiving   deny events ( Event_ID = 3)  from ASA.
Is there any way to get info about "deny" flows   in Netflow Analyzer? Either reported or raw?

Thanking you advance
Best regards

Marek Osuch



                New to ADSelfService Plus?