Solarwinds Orion SNMP & Netflow (Cisco)

Below are some configs that work with Solarwinds Orion.

============SNMPv3
=====IOS:

snmp-server view SNMPv3View Internet included
snmp-server group SNMPv3Group v3 priv Read SNMPv3View Write SNMPv3View
snmp-server user SNMPv3User SNMPv3Group v3 auth sha [password] priv aes 256 [password]
snmp-server group SNMPv3Group v3 priv context vlan match prefix
snmp-server host [ip-orionServer] version 3 auth SNMPv3Group

=====On the server side:
Orion_Config

============NETFLOW
=====IOS-XE:

flow record FLOW-RECORD_NETFLOW
 description NETWORK TRAFFIC TO MONITOR
 match ipv4 tos
 match ipv4 protocol
 match ipv4 source address
 match ipv4 destination address
 match transport source-port
 match transport destination-port
 match interface input
 match interface output
 collect routing source as
 collect routing destination as
 collect routing next-hop address ipv4
 collect transport tcp flags
 collect counter bytes
 collect counter packets
 collect timestamp sys-uptime first
 collect timestamp sys-uptime last

flow exporter FLOW-EXPORTER_NETFLOW
 description SEND DATA TO NETFLOW SERVER
 destination [ip-orionServer]
 output-features
 transport udp 2055
 template data timeout 300
 option interface-table timeout 1000
 option exporter-stats timeout 1000

flow monitor FLOW-MONITOR_NETFLOW
 description TRAFFIC ANALYSIS
 exporter FLOW-EXPORTER_NETFLOW
 statistics packet protocol
 record FLOW-RECORD_NETFLOW

Apply it:

int GigabitEthernet0/0/0
 ip flow monitor FLOW-MONITOR_NETFLOW input
 ip flow monitor FLOW-MONITOR_NETFLOW output

int GigabitEthernet0/0/1
 ip flow monitor FLOW-MONITOR_NETFLOW input
 ip flow monitor FLOW-MONITOR_NETFLOW output

NOTE:
If the Internet MIB does not work, you’ll get an error like this: %Bad OID

Try these:
snmp-server view SNMPv3View ISO included
snmp-server view SNMPv3View 1.3.6 included (this one worked for me)

=====IOS:

ip flow-export source Loopback0
ip flow-export version 5
ip flow-export destination [ip-orionServer] 2055
ip flow-top-talkers

Apply it:

int GigabitEthernet0/0/0
 ip flow ingress
 ip flow egress

int GigabitEthernet0/0/1
 ip flow ingress
 ip flow egress

=====ASA:

flow-export destination inside [SERVER IP ADDRESS] 9996 or 2055
flow-export template timeout-rate 1 
flow-export delay flow-create 60 

access-list NETFLOW_EXPORT_ACL extended permit ip any any

class-map NETFLOW_EXPORT_CLASS
 match access-list NETFLOW_EXPORT_ACL

policy-map global_policy     :DEFAULT, ALREADY CONFIGURED
 class NETFLOW_EXPORT_CLASS
  flow-export event-type all destination [SERVER IP ADDRESS]

service-policy global_policy global     :DEFAULT, ALREADY CONFIGURED
More Stories
HPE & Citrix XenServer