MetricsHub®
MetricsHub Enterprise 3.0.00

 Connectors directory[1]   Full listing of connectors[2]

Cisco Secure Firewall ASA (SNMP)

Description

This connector monitors Cisco Secure Firewall ASA devices. It relies on theCisco Secure Firewall ASA SNMP Agent version 8.4 and higher.

cisco[3] enterprise[4] firewall[5] hardware[6]

Target

Typical platform: Cisco ASA Firewall[7]

Operating system: Out-Of-Band

Prerequisites

Leverages: Cisco Secure Firewall ASA SNMP Agent version 8.4 and higher

Technology and protocols: SNMP

This connector is not available for the local host (it is applicable to remote hosts only).

Examples

CLI

metricshub HOSTNAME -t management -c +CiscoSecureFirewallASA --snmp v2c --community public

metricshub.yaml

resourceGroups:
  <RESOURCE_GROUP>:
    resources:
      <HOSTNAME-ID>:
        attributes:
          host.name: <HOSTNAME> # Change with actual host name
          host.type: management
        connectors: [ +CiscoSecureFirewallASA ] # Optional, to load only this connector
        protocols:
          snmp:
            version: v2c # Read documentation for v1, v2c and v3
            community: public # or probably something more secure

Connector Activation Criteria

The Cisco Secure Firewall ASA (SNMP) connector will be automatically activated, and its status will be reported as OK if all the below criteria are met:

  • An SNMP Get-Next on the OID 1.3.6.1.4.1.9.9.147 must return a value in the same subtree

Metrics

Type Collected Metrics Specific Attributes
cpu
  • hw.status{hw.type="cpu", state="present"}
  • system.cpu.utilization
  • id
enclosure
  • hw.status{hw.type="enclosure", state="present"}
  • system.uptime
  • id
  • name
firewall_connection
  • firewall.connections{state="aborted"}
  • firewall.connections{state="attempted"}
  • firewall.connections{state="highest"}
  • firewall.current_connections
  • id
memory
  • hw.status{hw.type="memory", state="present"}
  • system.memory.limit
  • system.memory.usage
  • system.memory.utilization
  • id
  • name
  • type
snmpEngine
  • snmp_engine.uptime
  • id
  • name
ssl
  • firewall.sessions.limit{protocol="ssl"}
  • firewall.sessions{protocol="ssl"}
  • firewall.ssl.io{operation.type="decrypt", direction="received"}
  • firewall.ssl.io{operation.type="decrypt", direction="sent"}
  • firewall.ssl.io{operation.type="encrypt", direction="received"}
  • firewall.ssl.io{operation.type="encrypt", direction="sent"}
  • id
vpn
  • firewall.vpn.dropped{direction="received", tunnel.phase="phase_1"}
  • firewall.vpn.dropped{direction="received", tunnel.phase="phase_2"}
  • firewall.vpn.dropped{direction="sent", tunnel.phase="phase_1"}
  • firewall.vpn.dropped{direction="sent", tunnel.phase="phase_2"}
  • firewall.vpn.io{direction="received", tunnel.phase="phase_1"}
  • firewall.vpn.io{direction="received", tunnel.phase="phase_2"}
  • firewall.vpn.io{direction="sent", tunnel.phase="phase_1"}
  • firewall.vpn.io{direction="sent", tunnel.phase="phase_2"}
  • firewall.vpn.packets{direction="received", tunnel.phase="phase_1"}
  • firewall.vpn.packets{direction="received", tunnel.phase="phase_2"}
  • firewall.vpn.packets{direction="sent", tunnel.phase="phase_1"}
  • firewall.vpn.packets{direction="sent", tunnel.phase="phase_2"}
  • firewall.vpn.tunnels{tunnel.phase="phase_1"}
  • firewall.vpn.tunnels{tunnel.phase="phase_2"}
  • id
monitoring observability opentelemetry otel
Links:
  • [1] ../metricshub-connectors-directory.html
  • [2] ../metricshub-connectors-full-listing.html
  • [3] tags/cisco.html
  • [4] tags/enterprise.html
  • [5] tags/firewall.html
  • [6] tags/hardware.html
  • [7] platforms/cisco-asa-firewall.html
No results.