Read about virtual routing first before reading this post. VRF aware Netflow is available in Scrutinizer since v7 and in IOS starting with 12.4(11)T, however I also saw in some documentation that support for VRF input was added in 15.0(1)M. This is of course via Flexible Netflow. You can set the input VRF as a key field in the NetFlow record, then use the VRF ID to filter reports based on that VRF in scrutinizer.
If you are using standard Netflow v5 or v9, you’re out-a-luck. The same goes for anything that doesn’t support FnF.
You would add the following to the flow record definition:
match routing vrf input
Reach out to us if you need help making Cisco VRF NetFlow Reporting part of your network traffic monitoring solution.
