Getting Data In

CISCO ASA Health Monitoring through Splunk

harishbenne2
Explorer

We are planning to decommission the existing Firewall Health Monitoring Tool due to circumstances.
We are looking for any solution available for ASA health monitoring through either Splunk itself or an app from Splunkbase.

Any suggestions would be of much help.

0 Karma

amitm05
Builder

@harishbenne2
The App documentation has not listed all of its dashboards. But it has dashboards like -
Proxy Performance,
Network Resources,
Application Health (this one provides metrics like Pool Member Health, Virtual CPU Health, CPU violations, Response codes health etc)

I believe these can help you but you are the best judge of your requirement.
Thanks

0 Karma

evania
Splunk Employee
Splunk Employee

Hi @harishbenne2 ,

Did you have a chance to check out any answers? If it worked, please resolve this post by approving it! If your problem is still not solved, keep us updated so that someone else can help you.

Thanks for posting!

0 Karma

kmorris_splunk
Splunk Employee
Splunk Employee

I'm not sure if it meets your requirements as a "Health Monitoring" tool, but check out Cisco Security Suite app on splunkbase.

https://splunkbase.splunk.com/app/525/#/overview

0 Karma

kmorris_splunk
Splunk Employee
Splunk Employee

It supports Cisco ASA and PIX firewall appliances, the FWSM firewall services module, Cisco IPS, Cisco Web Security Appliance (WSA), Cisco Email Security Appliance (ESA), Cisco Identity Services Engine (ISE), pxGrid, and Cisco Advanced Malware Protection / Sourcefire.

0 Karma

harishbenne2
Explorer

Thanks for your response. But as far as I have studied this app, they monitor traffic and events, not the health parameters like CPU/Memory etc.

0 Karma

jorodrigues
Engager

managed to solve? what are you using today to monitor cpu, Firewpower memory?

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...