Cisco ASA templates - YMMV

Templates, scripts for templates, scripts and requests for templates.

Moderators: Developers, Moderators

fusion
Posts: 2
Joined: Fri Nov 25, 2005 10:46 pm

Cisco ASA templates - YMMV

Post by fusion »

These were created for the Cisco ASA 5520
Attachments
cacti_graph_template_cisco_asa_sessions.xml
(12.86 KiB) Downloaded 14313 times
cacti_graph_template_cisco_asa_cpu_usage.xml
(10.83 KiB) Downloaded 11249 times
cacti_graph_template_cisco_asa_memory_usage.xml
(14.8 KiB) Downloaded 10002 times
siouxee
Cacti User
Posts: 88
Joined: Wed Sep 07, 2005 9:00 am

No session info...

Post by siouxee »

I don't see any session info with this template... Any fixes / updates to the template?
knobdy
Cacti User
Posts: 495
Joined: Wed Sep 28, 2005 1:39 pm

Post by knobdy »

My sessions graph isn't working either.. any news?
User avatar
Setarcos
Cacti User
Posts: 143
Joined: Mon Dec 13, 2004 2:55 pm
Location: San Jose, CA
Contact:

Post by Setarcos »

Here are a few of mine.
Attachments
IKE Dropped Packets
IKE Dropped Packets
IKE-dropped-packets.png (28.69 KiB) Viewed 118025 times
IKE Traffic
IKE Traffic
IKE-traffic.png (44.47 KiB) Viewed 118025 times
Active VPN Tunnels
Active VPN Tunnels
active-VPN-tunnels.png (24.87 KiB) Viewed 118025 times
RAS Sessions
RAS Sessions
RAS-sessions.png (23.62 KiB) Viewed 118025 times
cisco-asa-cacti-templates.zip
XML Templates
(109.88 KiB) Downloaded 8074 times
User avatar
ScOp3
Cacti User
Posts: 61
Joined: Wed Aug 03, 2005 4:14 am
Location: Cologne Germany
Contact:

Post by ScOp3 »

You're templates had some minor errors regarding OID's and Data Sources. Took me a while to find that out. Anyhow i fixed them a bit and combined the whole thing into a Host Template.

If you had problems getting it to work before give this Host Template a try.
Attachments
cacti_host_template_cisco_asa_security_appliance.zip
(15.16 KiB) Downloaded 16104 times
fear leads to anger, anger leads to hate and dancing leads to sex!
User avatar
Setarcos
Cacti User
Posts: 143
Joined: Mon Dec 13, 2004 2:55 pm
Location: San Jose, CA
Contact:

Post by Setarcos »

ScOp3 wrote:You're templates had some minor errors regarding OID's and Data Sources. Took me a while to find that out. Anyhow i fixed them a bit and combined the whole thing into a Host Template.

If you had problems getting it to work before give this Host Template a try.
Thanks ScOp3,

Yea, I forgot to mention that you need the Cisco MIBs installed for my versions to work.
User avatar
ScOp3
Cacti User
Posts: 61
Joined: Wed Aug 03, 2005 4:14 am
Location: Cologne Germany
Contact:

Post by ScOp3 »

Setarcos wrote: Thanks ScOp3,

Yea, I forgot to mention that you need the Cisco MIBs installed for my versions to work.
Yup, figured the MIB issue quite fast. That's why i changed them to numerical notation so we have less dependencies. Nice work on the templates.
fear leads to anger, anger leads to hate and dancing leads to sex!
ntwillie1
Posts: 4
Joined: Thu Sep 22, 2005 4:53 pm
Location: nyc
Contact:

? about the cisco mib's

Post by ntwillie1 »

hi guys. i'm hoping you can help me out here. Where do i get the cisco mibs and once i have them, where to I install them. Also, i was trying to import that template but am having problems doing so. I keep getting the following errors:


Notice: Only variable references should be returned by reference in C:\Apache2\htdocs\cacti\lib\import.php on line 44

Warning: Cannot modify header information - headers already sent by (output started at C:\Apache2\htdocs\cacti\lib\import.php:44) in C:\Apache2\htdocs\cacti\templates_import.php on line 67

when i hit the back button, it tells me the following:
Error: XML: Hash version does not exist.


If anyone can help I would greatly appreciate it. I'm trying to get some graphs going on my ASA 5505. Thanksa.
joex51
Posts: 32
Joined: Sun Mar 05, 2006 4:05 am
Location: Connecticut

Very Nice

Post by joex51 »

These look awesome I will have to give them a try!!
hinze57
Posts: 6
Joined: Wed Sep 12, 2007 3:31 pm
Location: Colorado

ASA VPN Monitoring

Post by hinze57 »

A coworker set up NMIS to monitor routers and such. So while searching for information on monitoring VPN tunnels off of multiple ASA's (all remote access IPSec) I found Cacti. I have it installed on a RH Linux box.

I have added the template located in the cacti_host_template_cisco_asa_security_appliance.zip file attachment mentioned previously. But I cannot get any graphs or anything and my polling consistently come back with the following error:
09/13/2007 05:22:34 PM - POLLER: Poller[0] Maximum runtime of 292 seconds exceeded. Exiting.
09/13/2007 05:22:34 PM - SYSTEM STATS: Time:292.9897 Method:cmd.php Processes:1 Threads:N/A Hosts:2 HostsPerProcess:2 DataSources:15 RRDsProcessed:0
PHP Warning: pclose(): 45 is not a valid stream resource in /opt/netmgt/cacti/lib/rrd.php on line 48

Can someone provide some direction or where to look?

Thanks,
hinze57
Posts: 6
Joined: Wed Sep 12, 2007 3:31 pm
Location: Colorado

VPN Monitoring

Post by hinze57 »

Okay, I changed the SNMP version from 1 to 2 and it worked.
hinze57
Posts: 6
Joined: Wed Sep 12, 2007 3:31 pm
Location: Colorado

ASA Template

Post by hinze57 »

How did you locate the correct OID's? I'd like to add a graph for IPSec traffic. IKE traffic should primarily be login traffic, and I'd like to see tunnel traffic. I'll look on Cisco's site, but thought you folks would know the answer in your sleep.

Thx
User avatar
solefald
Posts: 38
Joined: Fri Jun 11, 2004 1:35 pm

Post by solefald »

im having an issue displaying Total Sessions with this.

For some reason i see 65523710 connections in the graph, which is an absolutely crazy number. When i manually run snmpget on the OID provided under "Cisco ASA - Total Sessions" (.1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6) i get somewhere around 750 connections on average, which seems like a reasonable number.

anyone knows how to fix that?
Attachments
graph_image.png
graph_image.png (6.04 KiB) Viewed 111288 times
skinty
Posts: 41
Joined: Sat Aug 12, 2006 6:47 pm

Post by skinty »

Very minor, but it looks like the legends between Total Sessions and Remote Sessions are transposed.
neodawg
Posts: 13
Joined: Mon Dec 03, 2007 10:22 pm

Cisco ASA 5510 no CPU util graph

Post by neodawg »

all the other graphs work just fine, but on the 5510s the cpu utilization isnt working, there is a graph there, and on one there is some data that comes in but its either a value of 1 or 0. any ideas? Thanks


Update: I have later discovered that after a OS upgrade on the ASA fixed the issue and the ASA was also experiencing little load on it as well.
Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests