5.02021-11-21T21:58:29ZTemplates/Network devicesCisco ASACisco ASA## Description
Version 1.1.3, Release date 29.4.2020 Made by: Ville Leinonen/www.hacknetwork.org Template is tested in Zabbix 4.4 and ASA version 9.14(1) Changelog: SNMPv3 support added TODO (maybe): Interface statistic and more triggers.
## Overview
Version 1.1
Template is tested against Zabbix version 4.4.6 and ASA version 9.14(1).
Failover role can be primary or secondary, it based in your ASA configuration.
Failover status can be Active unit or Standby unit. This indicates which of your Firewall is active right now.
Template also populates inventory fields automaticly.
This is snmpv2 template, but v3 is coming soon.
Version 1.1.3
SNMPv3 support added, new macros:
{$SECURITY\_NAME} = Username
{$AUTH\_PASSPHRASE} = Authentication password
{$PRIV\_PASSPHRASE} = Encryption password
Use authentication algorithm SHA and encryption algorithm AES (128).
Added OID: ASA System name (ciscoASAsysName)
OLD VERSIONS, USE GITHUB <https://github.com/hrleinonen/zabbix>
More information (soon) <https://www.hacknetwork.org/?page_id=304>
## Author
Ville Leinonen
Templates/Network devicesGeneralInterfacesVPN- Maximum Crypto SessionsSNMP_AGENT.1.3.6.1.4.1.9.9.467.1.1.5.0ccaMaxCryptoConnections60m0FLOATVPN
- Maximum Crypto ThroughputSNMP_AGENT.1.3.6.1.4.1.9.9.467.1.1.4.0ccaMaxCryptoThroughput60m0FLOATVPN
- Connections In UseSNMP_AGENT1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6cfwConnectionStatValueCurrentInUse5mFLOATNumber of connections currently in use by the entire firewall.General
- Connections Max UseSNMP_AGENT1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.7cfwConnectionStatValueMaxUse5mFLOATHighest number of connections in use at any one time since system start.General
- Failover StatusSNMP_AGENT.1.3.6.1.4.1.9.9.147.1.2.1.1.1.4.6cfwHardwareStatusDetailFoStatus0TEXTFirewall cluster Failover status. Indicates which of the Firewall is active unit in the cluster.General{change()}=0NONE{HOST.NAME} Cisco ASA Failover triggeredHIGHCisco ASA Failover triggered.YES
- Failover Role PrimarySNMP_AGENT.1.3.6.1.4.1.9.9.147.1.2.1.1.1.2.6cfwHardwareStatusFoPrimary5m0TEXTCan be:
- Primary unit (this device)
- Secondary unit (this device)GeneralREGEXPrimary.*unit.*this.*device.
\0DISCARD_VALUE
- Failover Role SecondarySNMP_AGENT.1.3.6.1.4.1.9.9.147.1.2.1.1.1.2.7cfwHardwareStatusFoSecondary5m0TEXTCan be:
- Primary unit (this device)
- Secondary unit (this device)GeneralREGEXSecondary.*unit.*this.*device.
\0DISCARD_VALUE
- ASA VersionSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.10.1ciscoASA60m0TEXTOS_SHORTGeneral
- ASA System nameSNMP_AGENTSNMPv2-MIB::sysName.0ciscoASAsysName60m0TEXTGeneral
- Active IKE PeersSNMP_AGENT.1.3.6.1.4.1.9.9.171.1.2.1.1.0ciscoIKEPeers5mVPN
- Memory FreeSNMP_AGENT.1.3.6.1.4.1.9.9.48.1.1.1.6.1ciscoMemoryPoolFreeByteGeneral
- Memory Pool Largest FreeSNMP_AGENT.1.3.6.1.4.1.9.9.48.1.1.1.7.1ciscoMemoryPoolLargestFreeByteGeneral
- Memory UsedSNMP_AGENT.1.3.6.1.4.1.9.9.48.1.1.1.5.1ciscoMemoryPoolUsedByteGeneral
- Memoty TotalCALCULATEDciscoMemoryTotalBytelast("ciscoMemoryPoolUsed")+last("ciscoMemoryPoolFree")General
- Memory UsageCALCULATEDciscoMemUsage%100*last("ciscoMemoryPoolUsed")/last("ciscoMemoryTotal")General
- ROMMON VersionSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.9.1ciscoROMMON60m0TEXTGeneral
- Active AnyConnect SessionsSNMP_AGENT.1.3.6.1.4.1.9.9.392.1.3.35.0crasSVCNumSessions5mVPN
- Active WebVPN SessionsSNMP_AGENT.1.3.6.1.4.1.9.9.392.1.3.38.0crasWebvpnNumSessions5mVPN
- Chassis VersionSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.8.1deviceChassis60m0TEXTHW_ARCHGeneral
- Model NameSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.13.1deviceModel60m0TEXTHARDWARE_FULLGeneral
- Chassis Serial NumberSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.11.1deviceSerialNum60m0TEXTSERIALNO_AGeneral
- Vendor NameSNMP_AGENTSNMPv2-SMI::mib-2.47.1.1.1.1.12.1deviceVendor60m0TEXTVENDORGeneral
- Number of network interfacesSNMP_AGENTIF-MIB::ifNumber.0ifNumber60mThe number of network interfaces (regardless of their current state) present on this system.Interfaces
- DescriptionSNMP_AGENT.1.3.6.1.2.1.1.1.0sysDescr60m0TEXTOS_FULLGeneral
- sysUpTimeSNMP_AGENTSNMPv2-MIB::sysUpTime.0sysUpTimeInstance5m7dFLOATuptimeGeneralMULTIPLIER0.01{last()}<10m{HOST.NAME} uptime changedWARNING
- Total VPN sessionsCALCULATEDtotalVPNsessions5m(last("crasSVCNumSessions")+last("ciscoIKEPeers")+last("crasWebvpnNumSessions"))Total number of VPN sessions.VPN
Number of CPU CoresSNMP_AGENTdiscovery[{#SNMPVALUE},1.3.6.1.4.1.9.9.109.1.1.1.1.7]numOfcore5mDiscovery number of CPU coresCore {#SNMPINDEX} 1minSNMP_AGENT1.3.6.1.4.1.9.9.109.1.1.1.1.7.{#SNMPINDEX}cpmCPUTotal1minRev[{#SNMPINDEX}]FLOATGeneralCore {#SNMPINDEX} 5minSNMP_AGENT1.3.6.1.4.1.9.9.109.1.1.1.1.8.{#SNMPINDEX}cpmCPUTotal5minRev[{#SNMPINDEX}]FLOATGeneral({Cisco ASA:ccaMaxCryptoConnections.last()}-{Cisco ASA:totalVPNsessions.last()})<20RECOVERY_EXPRESSION({Cisco ASA:ccaMaxCryptoConnections.last()}-{Cisco ASA:totalVPNsessions.last()})<21{HOST.NAME} soon out of VPN-sessionsAVERAGETrigger if soon out of VPN-sessions.YES