Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
254
Views
0
Helpful
5
Replies

SNMP monitoring of ASA failover

AlexKontorovich
Level 1
Level 1

‎07-14-2024 07:34 AM

I am using Prometheus SNMP to get info from my Cisco ASA 5585 clusters. However, I was unable to find any MIB/OID containing information about last failover - neither time nor a reason. Pretty simple information that exists in CLI. Could someone, please, point me to the right direction?

0 Helpful
5 Replies 5

marce1000
VIP
VIP

‎07-14-2024 09:02 AM

 

  - Ref : https://community.cisco.com/t5/security-knowledge-base/snmp-mibs-and-traps-on-the-asa-additional-information/ta-p/3116514
            Not everything is always implemented in MIBS ; if you look for standby  or failover  with find in the  browser I could not come up with anything related.

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

tvotna
Spotlight
Spotlight

‎07-15-2024 09:01 AM

ASA5506/pri/act# show snmp oid | i 1.3.6.1.4.1.9.9.491.1.4
[601] .1.3.6.1.4.1.9.9.491.1.4.2.1.1.1 CISCO-UNIFIED-FIREWALL-MIB::cufwFOGroupIndex
[602] .1.3.6.1.4.1.9.9.491.1.4.2.1.1.2 CISCO-UNIFIED-FIREWALL-MIB::cufwFOGrpLastFailoverAt
[603] .1.3.6.1.4.1.9.9.491.1.4.2.1.1.3 CISCO-UNIFIED-FIREWALL-MIB::cufwFOGrpHAstate
[604] .1.3.6.1.4.1.9.9.491.1.4.2.1.1.4 CISCO-UNIFIED-FIREWALL-MIB::cufwFOGrpUpTime
[605] .1.3.6.1.4.1.9.9.491.1.4.2.1.1.5 CISCO-UNIFIED-FIREWALL-MIB::cufwFOGrpContextCount

.1.3.6.1.4.1.9.9.491.1.4.2.1.1.1.0 = INTEGER: 0 <-- failover group
.1.3.6.1.4.1.9.9.491.1.4.2.1.1.2.0 = STRING: "12:14:55 CET Feb 5 2021" <-- "show failover" Last Failover at: 12:14:55 CET Feb 5 2021
.1.3.6.1.4.1.9.9.491.1.4.2.1.1.3.0 = INTEGER: 9 <-- state = active
.1.3.6.1.4.1.9.9.491.1.4.2.1.1.4.0 = Gauge32: 180065 <-- active time in seconds -- see below
.1.3.6.1.4.1.9.9.491.1.4.2.1.1.5.0 = Gauge32: 0 <-- number of contexts

Active time:
- when unit becomes active this value becomes zero and start counting
- when unit becomes standby the value freezes and not counting anymore

State:
- 1 - other
- 2 - up
- 3 - down
- 4 - error
- 5 - overTemp
- 6 - busy
- 7 - noMedia
- 8 - backup
- 9 - active
- 10 - standby

HTH

 

0 Helpful

AlexKontorovich
Level 1
Level 1
In response to tvotna

‎07-16-2024 12:34 AM

Unfortunately our ASA5585 doesn't respond well to snmpwalk using CISCO-UNIFIED-FIREWALL-MIB 

and 

ASA5585#show snmp oid | i 1.3.6.1.4.1.9.9.491.1.4 returns nothing   

0 Helpful

tvotna
Spotlight
Spotlight
In response to AlexKontorovich

‎07-16-2024 01:00 AM

Right, I believe this OID is supported as of 9.15.1 and the latest ASA release for ASA5585 is 9.12. In 9.12 few failover OIDs are available in CISCO-FIREWALL-MIB, but this MIB doesn't have info you need.

 

 

 

 

0 Helpful

marce1000
VIP
VIP
In response to AlexKontorovich

‎07-16-2024 01:24 AM

 

        - Make sure  you are on the latest advisory software version , 

 M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card