Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1416
Views
5
Helpful
5
Replies

About time related OID in ASA 5520

Go to solution
feilongwudi2088
Level 1
Level 1

‎05-18-2016 02:51 AM

hi, I am new here. I'd like to find time related OID in ASA 5520. But when I run "show snmp-server oidlist", I found there is no time related OID in ASA 5520. I want to use snmp sensor about ntp status or system current time. Is there any solution for my problem? Thank you.

Labels:
Preview file
110 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jossabor
Level 1
Level 1

‎05-18-2016 09:08 AM

Hi

The OID to monitor current time and date is csyClockDateAndTime, that belongs to the CISCO-SYSTEMS-MIB which is not supported on the ASA, for NTP status the MIB is CISCO-NTP-MIB which also is not supported on ASA devices.

View solution in original post

5 Replies 5

Go to solution
jossabor
Level 1
Level 1

‎05-18-2016 09:08 AM

Hi

The OID to monitor current time and date is csyClockDateAndTime, that belongs to the CISCO-SYSTEMS-MIB which is not supported on the ASA, for NTP status the MIB is CISCO-NTP-MIB which also is not supported on ASA devices.

Go to solution
husycisco
Level 7
Level 7
In response to jossabor

‎05-18-2016 09:42 AM

Clock synchronization is vital for security, especially for audit log correlation. PCI DSS mandates that network equipment synchronize their time with an NTP server and their time is monitored (i.e by a NMS) for possible skews. So when logs need to be audited for a certain date and time, first the NTP sensor logs in the NMS is queried to fetch the skew value at a particular time instant, then the actual log in the syslog for that particular time is retrieved and then its time stamp is corrected considering the skew value.

How could Cisco miss this in their major security line of product? 

0 Helpful

Go to solution
feilongwudi2088
Level 1
Level 1
In response to jossabor

‎05-18-2016 09:54 AM

Thank you for replying. So, there is no way in ASA to achieve my goal?

0 Helpful

Go to solution
jossabor
Level 1
Level 1
In response to feilongwudi2088

‎05-18-2016 09:54 AM

Using snmp polling there is no way for the NTP synchronization or current time and date to be polled, you can try other options like EEM scripts and TCL scripts. For  that there is a specific forum where you can get help configuring the  scripts so that you can get that information send on a syslog manner. 

https://supportforums.cisco.com/community/5941/eem-scripting

0 Helpful

Go to solution
feilongwudi2088
Level 1
Level 1
In response to jossabor

‎05-18-2016 09:57 AM

thank you. I will check it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents