These instructions assume:
- The date, time and time zone are correctly set on the firewall.
- You have administration access to the Palo Alto dashboard.
- The IP address of your Auvik collector is known.
Access the Palo Alto web interface
- Open a web browser and type in the IP address of the Palo Alto firewall.
- Log into your firewall.
Create a NetFlow server profile
- Select Device > Server Profiles > NetFlow and click Add.
- Enter TrafficInsights as the name for the profile.
- Set the default Template Refresh Rate to 5 minutes and 20 packets.
- For the Active Timeout, set the value at 1 minute.
- Select the checkbox for the PAN-OS Field Types.
- For each NetFlow collector section, click Add.
- Name: TrafficInsights
- Server: <Auvik Collector IP>
- Port: <2055, 2056, 4432, 4739, 6343, 9995 or 9996>
- Click Okay.
Assign the NetFlow server profile
The steps below specify a LAN interface for collecting NetFlow data. For a different interface, choose your desired interface in step 2.
- Select Network > Interfaces > Ethernet.
- Click a LAN interface to edit it.
- In the NetFlow Profile drop-down, select the TrafficInsights server profile.
- Click Okay.