1. What is sFlow? sFlow (Sampled Flow) is an industry-standard technology for monitoring network traffic. Unlike full packet capture tools (like tcpdump) or flow aggregation protocols (like NetFlow), sFlow uses statistical sampling to monitor all traffic at wire speed without impacting performance.
For further reading: sFlow.org – the official standard. sflow capture tool
set protocols sflow collector <collector-ip> udp-port 6343 set protocols sflow sampling-rate 1000 set protocols sflow interfaces ge-0/0/0 Unlike full packet capture tools (like tcpdump) or
| Tool | Description | |------|-------------| | | Turns sFlow into NetFlow | | pmacct | Lightweight, stores in SQL/Redis | | ElastiFlow | Integrates with Elasticsearch + Kibana | | sflowtool | Command-line decoder (debugging) | sflow capture tool
configure terminal sflow collector <collector-ip> port 6343 sflow polling-interval 20 sflow sampling-rate 1000 interface ethernet 1/1 sflow enable