Encrypted Traffic Analytics

et-analytics

To enter the global et-analytics configuration mode, use the et-analytics command in the global configuration mode.

et-analytics

Syntax Description

et-analytics

Enter the global et-analytics configuration mode.

Command Default

Disabled.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to enter the et-analytics configuration mode:

Device>enable
Device#configure terminal
Device(config)# et-analytics

et-analytics enable

To enable et-analytics configuration on a particular interface, use the et-analytics enable command in the interface configuration mode. To disable et-analytics, use the no form of the command.

et-analytics enable

no et-analytics enable

Syntax Description

et-analytics enable

Enables et-analytics on a particular interface..

Command Default

Disabled.

Command Modes

Interface configuration (config-if)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to enable et-analytics on interface GigabitEthernet1/0/2.:

Device>enable
Device#configure terminal
Device(config)# interface gi1/0/2
Device(config-if)# et-analytics enable

inactive time

To configure et-analytics inactive timer value, use the inactive time seconds command in the et-analytics configuration mode. To disable the timer settings, use the no form of the command.

inactive time seconds

no inactive time seconds

Syntax Description

inactive time

Configures the inactive timer value.

seconds

Timer value in seconds. The range is from 1 to 604800 and the default value is 60 seconds.

Command Default

Disabled.

Command Modes

et-analytics configuration (config-et-analytics)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to configure an inactive timer of 10 seconds:

Device>enable
Device#configure terminal
Device(config)# et-analytics
Device(config-et-analytics)# inactive time 10

ip flow-export destination

To configure the global collector destination IP address, use the ip flow-export destination ip_address port command in the et-analytics configuration mode. To remove the collector destination IP address, use the no form of the command.

ip flow-export destination ip_address port

no ip flow-export destination ip_address port

Syntax Description

ip flow-export destination

Configures the global collector destination IP address and port.

ip_address

Destination IP address.

port

Destination port.

Command Default

Disabled.

Command Modes

et-analytics configuration (config-et-analytics)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to configure a flow-exporter destination IP address of 10.1.1.1 and port 2055:

Device>enable
Device#configure terminal
Device(config)# et-analytics
Device(config-et)# ip flow-export destination 10.1.1.1 2055

show flow monitor etta-mon cache

To display ETA monitor cache details, use the show flow monitor etta-mon cache command in privileged EXEC mode.

show flow monitor etta-mon cache

Command Default

None

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to display ETA flow monitor cache details:

Device>enable
Device#configure terminal
Device# show flow monitor etta-mon cache
Cache type: Normal (Platform cache)
Cache size: 10000
Current entries: 4
Flows added: 6
Flows aged: 2
- Inactive timeout ( 15 secs) 2
IPV4 DESTINATION ADDRESS: 15.15.15.35
IPV4 SOURCE ADDRESS: 72.163.128.140
IP PROTOCOL: 17
TRNS SOURCE PORT: 53
TRNS DESTINATION PORT: 12032
counter bytes long: 128
counter packets long: 1
timestamp abs first: 06:23:24.799
timestamp abs last: 06:23:24.799
interface input: Null
interface output: Null

show platform software et-analytics

To display et-analytics configuration, use the show platform software et-analytics command in privileged EXEC mode.

show platform software et-analytics {global | interfaces}

Syntax Description

global

Displays global et-analytics configuration.

interfaces

Displays interface et-analytics configuration.

Command Default

None

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to display global et-analytics configuration:

Device>enable
Device#configure terminal
Device# show platform software et-analytics global 

ET-Analytics Global state
=========================
All Interfaces : Off
IP Flow-record Destination: 10.126.71.20 : 2055 
Inactive timer: 0
ET-Analytics interfaces
GigabitEthernet1/0/3

The following example shows how to display global et-analytics configuration:

Device>enable
Device#configure terminal
Device# show platform software et-analytics interfaces 

ET-Analytics interfaces
GigabitEthernet1/0/3

show platform software fed switch active fnf et-analytics-flow-dump

To display interface et-analytics flow dump, use the show platform software fed switch active fnf et-analytics-flow-dump command in privileged EXEC mode.

show platform software fed switch active fnf et-analytics-flow-dump

Command Default

None

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Example:

Examples

The following example shows how to display interface et-analytics flow dump.:

Device>enable
Device#configure terminal
Device# show platform software fed switch active fnf et-analytics-flow-dump 

ET Analytics Flow dump
=================
Total packets received (27)
Excess packets received (0)
(Index:0) 72.163.128.140, 15.15.15.35, protocol=17, source port=53, dest port=12032, flow
done=u
SPLT: len = 2, value = (25600,0)(128,0)
IDP: len = 128, value = 45:0:0:80:f0:6c:0:0:f9:11:
(Index:1) 72.163.128.140, 15.15.15.35, protocol=17, source port=53, dest port=32356, flow
done=u
SPLT: len = 2, value = (59649,0)(128,0)
IDP: len = 517, value = 45:0:2:5:c3:1:0:0:f9:11:
(Index:2) 15.15.15.35, 72.163.128.140, protocol=17, source port=12032, dest port=53, flow
done=u
SPLT: len = 2, value = (10496,0)(128,0)
IDP: len = 69, value = 45:0:0:45:62:ae:40:0:40:11:
(Index:3) 15.15.15.35, 72.163.128.140, protocol=17, source port=32356, dest port=53, flow
done=u
SPLT: len = 2, value = (10496,0)(128,0)
IDP: len = 69, value = 45:0:0:45:62:ad:40:0:40:11: