Does anyone have a report to show number of connections per hosts to a firewall? I have been looking into Report Writer, seen an option, Count of termination Address but report shows 0. Before I look into SQL query, thought i would ask, thanks
You should be able to chart it out with the gui.
There are statistics tables that holds a count for connections.
ASA_ConnectionStatistics_Detail, _Hourly and _Daily as well.
I would have to do a test, but first thought it they are using the 'crasNumUsers' OID to poll for this value. Which is what I used to poll for manually before the ASA integration.
Object crasNumUsers
OID 1.3.6.1.4.1.9.9.392.1.3.3
Loop1 Systems: SolarWinds Training and Professional Services
Precursor : Cisco ASA Active VPN Connections
I hear SolarWinds is doing away with Report Writer, I looked at Manage Reports from All Settings and ran report to get just a total. I am looking for detail to see if many connections are arriving from a single IP to help identify an attack. Not sure if this is possible with SolarWinds, thanks for the info so far. If you have any other suggestions I can look at let me know, I'll keep looking, thanks
Summary of Orion Objects: | Datasource 1 |
Summary of Time Periods: | Past Hour (2:57 PM - 3:57 PM Sep 5, 2018) |
Custom Table for Datasource 1 from Past Hour (2:57 PM - 3:57 PM Sep 5, 2018)
|
cmatrask, I am not 100% sure, you might want to do a scan of the device if you are able.
So far I have not been able to find the full detail that you are looking for. I do not have one of my own at the moment to scan, but you might try tuning into 1.13.6.1.4.1.9.9.826.0.x.x for a scan/walk (starting at 1.13.6.1.4.1.9.9.826, or ...826.0.) if a full walk does not get the desired results in your return... X values I am unsure of, but it indicates a data structure is present to hold some detail. The naming is similar enough to the ASA'a that I think the devil is in there somewhere.
FPR4100/9300 series |
CISCO-FIREPOWER-MIB.my |
CfprAaaSession |
1.3.6.1.4.1.9.9.826.0.x.x |
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.