Cisco Firewall
Introduction
The Cisco Firewall Monitoring Observability (O11y) solution aims to provide detailed insights and comprehensive visibility into firewall infrastructure, leveraging the Simple Network Management Protocol (SNMP).
Getting Started
Compatibility
Cisco Firewall O11ySource supports SNMP versions v1, v2c and v3.
Data Collection Method
vuSmartMaps collects the availability data for Cisco Firewall O11ySource using an internal data collector and collects data based on the source configuration. NOTE: SNMP Polling O11ySource has to be enabled and configured before enabling Cisco Firewall O11ySource
Prerequisites
Dependent Configuration
To configure this O11ySource, create a 'credential' of type 'snmp' under the 'Definition' tab.
Inputs for Configuring Data Source
- Group Name: This field is for grouping devices for SNMP polling, making it easier to manage devices with common characteristics or within the same network segment.
- No. of Retries: Number of times the system should reattempt polling if the initial attempt fails. Default is set to 7 retries
- Timeout Duration: Specify how long the system should wait for a response from a device before considering the attempt unsuccessful. Default timeout is 5 seconds
Devices
- Device IP: Enter the IP address of the device.
- SNMP Credential: Select the SNMP credential from the dropdown list that corresponds to this device.
- Vendor: Select the vendor of the device from the dropdown list
- Model: Select the model of the device from dropdown list.
MIB Groups
- MIB Group: Select the MIB Group to poll, identifying the MIB OID to collect. Default: 'ALL_SUPPORTED_MIB_GROUPS'.
- Interval: Specify the polling interval in seconds. Default: 360 seconds
Firewall Requirement
To collect data from this O11ySource, ensure the following ports are opened:
| Source IP | Destination IP | Destination Port | Protocol | Direction |
|---|---|---|---|---|
| vuSmartMaps IP | IP address of the SNMP device | 161* | UDP | Outbound |
*Before providing the firewall requirements, please update the port based on the customer environment.
Configuring the Target
Configure SNMP on Cisco Firewall devices and grant SNMP access permissions to vuSmartMaps designated IP address.
Configuration Steps
- **
Enable**the Cisco Firewall O11ySource. - Select the Sources tab and press the
+button to add a new SNMP device to be monitored. - Click on
Saveto create the instance
Metrics Collected
| Name | Description | Data Type |
|---|---|---|
| @timestamp | Timestamp | String |
| timestamp | Timestamp | DateTime64 |
| BU ID | Business Unit Id | LowCardinality(String) |
| Tenant ID | Tenant id | LowCardinality(String) |
| Host | IP Address for this Cisco Switch | IPv4 |
| target | IP Address for this Cisco Switch | String |
| DeviceIP | Device IP for this Cisco Switch | IPv4 |
| data_type | Data Type | LowCardinality(String) |
| type | Type | LowCardinality(String) |
| Vendor Name | Vendor Name | LowCardinality(String) |
| Device Type | Device Type. In this case, Firewall | LowCardinality(String) |
| Period | Period | Int32 |
| System Name | System Name | String |
| Index | Index | String |
| CPU Utilization | CPU Utilization | Float64 DEFAULT -1.0 |
| CPU Name | CPU Name | LowCardinality(String) |
| Memory Utilization | Memory Utilization | Float64 DEFAULT -1.0 |
| Description | System Description | String |
| Contact | System Contact | String |
| Location | System Location | String |
| Uptime | System Uptime | UInt64 |
| Uptime in seconds | System Uptime in Seconds | Float64 |
| Name | Interface Name | String |
| Temperature Value | Temperature Value | Int32 |
| Temperature Threshold | Temperature Threshold | Int32 |
| Temperature Percetnage | Temperature Percetnage | Float64 |
| Temperature Name | Temperature Name | String |
| FRU Power Operstatus | FRU Power Operstatus | Int32 |
| FRU Power Adminstatus | FRU Power Adminstatus | Int32 |
| FRU Power Operstatus Description | FRU Power Operstatus Description | String |
| FRU Power Adminstatus Description | FRU Power Adminstatus Description | String |
| Interface Input Abort | Interface Input Abort | UInt64 |
| Interface Input Abort Diff | Interface Input Abort Diff | UInt64 |
| Input Collisions | Input Collisions | UInt64 |
| Input Collisions Diff | Input Collisions Diff | UInt64 |
| Input CRC | Input CRC | UInt64 |
| Input CRC Diff | Input CRC Diff | UInt64 |
| Input Misaligned | Input Misaligned | UInt64 |
| Input Misaligned Diff | Input Misaligned Diff | UInt64 |
| Input Overrun | Input Overrun | UInt64 |
| Input Overrun Diff | Input Overrun Diff | UInt64 |
| Input Queue Drop | Input Queue Drop | UInt64 |
| Input Queue Drop Diff | Input Queue Drop Diff | UInt64 |
| Output Queue Drop | Output Queue Drop | UInt64 |
| Output Queue Drop Diff | Output Queue Drop Diff | UInt64 |
| BGP Local IP Address | BGP Local IP Address | String |
| BGP Peer Admin Status | BGP Peer Admin Status | Int32 |
| BGP Peer Connection State | BGP Peer Connection State | String |
| BGP Peer Remote Address | BGP Peer Remote Address | String |
| BGP Peer Up Since | BGP Peer Up Since | Int64 |
| BGP State | BGP State | LowCardinality(String) |
| BGP Peer Admin State | BGP Peer Admin State | LowCardinality(String) |
| BGP Peer Link State | BGP Peer Link State | LowCardinality(String) |
| BGP Peer Up Since Date | BGP Peer Up Since Date | String |
| upsince | upsince | DateTime64 |
| OSPF Neighbour State | OSPF Neighbour State | String |
| OSPF Neighbour Address | OSPF Neighbour Address | String |
| Is FRU | Is FRU | Int16 |
| Sensor Name | Sensor Name | String |
| Sensor Type | Sensor Type | Int32 |
| FRU Sensor State | FRU Sensor State | String |
| vublock Name | vublock Name | String |
| Topic Of | Topic Of | String |
| is_mem_type | Memory type | Int8 |
| is_cpu_type | CPU Type | Int8 |
