FWSM/ASDM and hit counters

rcianci · ‎05-24-2011

Hi,

I am running an environment with FWSM modules (version 4.1.5) and ASDM version 6.2(2)F.

I notice that the hit counters are not accurate when looking at ASDM.

The rule I am looking at has "default" logging enabled - I see not hits on the rule but I know that packets are going through. When I change the logging level to say "emergency" I see the hit come through. I see this behavoir for tcp and udp rule types.

I read in a different post that only tcp first time connections are recorded in the hits - subsequent packets are not in the hits counters. Also I read that ASDM has csome limitations when it makes requests to the FWSM via HTTPS.

Does anyone have additional information or point me to some documentation ....

Thanks in advance,

Bob

Maykol Rojas · ‎05-24-2011

Bob,

That is right, you will only see the first packet matching the rule and then the subsequent packets are not going to generate hitcounts. I was doing some research regarding your case and I found a bug where the customer changed the severity for logging and started to see hitcounts, however, that was solved on your version.

If you have an exact behavior that describes when the rules are having hitcounts and when they are not, I would ask you to please open a TAC case so a bug can be identified.

Mike.

Mike

rcianci · ‎05-25-2011

Thanks Mike - I think there might be an issue in the behavior of ASDM and the hit counts - I will try the TAC - thanks.