Cisco Firepower Threat Defense Monitoring

Last updated on 17 March, 2023

LogicMonitor offers monitoring for the Cisco Firepower Threat Defense platform by default. The monitoring suite uses SNMP to query the Cisco ASA appliance running firewall threat defense for a wide variety of health and performance metrics.

Requirements

SNMP must be installed on the Cisco Firepower Threat Defense device.

Adding Cisco Firepower Threat Defense Resources

For information on adding resources into monitoring, see Adding Devices. In addition:

  • LogicMonitor must provide the appropriate SNMP credentials in order to successfully access the Cisco Firepower Threat Defense device via SNMP. For instructions on how to set the appropriate credentials as properties on the resource within LogicMonitor, see Defining Authentication Credentials.
  • The following custom properties can be set on the Cisco Firepower Threat Defense resource within LogicMonitor. For more information on setting properties, see Resource and Instance Properties.
| Property | Value |
| --- | --- |
| SNMP credentials | Properties required to establish SNMP credentials vary depending on the SNMP version being used. |
| system.categories | The Cisco_FTD category will be added by the addCategory_Cisco_FTD PropertySource. |

Installing the LogicModules 

LogicMonitor’s package for Cisco Firepower Threat Defense consists of the following LogicModules. For full coverage, please ensure that all of these LogicModules are imported into your LogicMonitor platform. For more information, see Installing Modules and Packages.

| Name | Type | Description |
| --- | --- | --- |
| addCategory_Cisco_FTD | PropertySource | Uses the system name from SNMP to determine if the device is a Cisco Firepower Threat Defense device. |
| Cisco FTD Snort Lina Stats | DataSource | Collection of statistics for Cisco Firepower Threat Defense. |
| Cisco FTD Services | DataSource | Monitors the services running on a Cisco Firepower Threat Defense system. |
| Cisco FTD NAT Sessions | DataSource | The number of current and peak NAT sessions. |
| Cisco FTD Memory | DataSource | Memory used by Firepower Threat Defense by function. |
| Cisco FTD High Availability | DataSource | Monitors the status of Cisco Firepower firewalls running in an active/standby high availability configuration. |
| Cisco FTD Drops | DataSource | Lists the top ten causes for ASP flow drops on the firewall device and the count of these drops. |
| Cisco FTD CPU | DataSource | Monitors the overall CPU busy percentages over the last one-minute and five-minute time intervals for all cores. |
| Cisco FTD ConnectionStats | DataSource | Monitors the virtual private network (VPN)-based remote access networks of a Cisco Firepower Threat Defense system. |

When setting static datapoint thresholds on the various metrics tracked by this package’s DataSources, LogicMonitor follows the technology owner’s best practice KPI recommendations. If necessary, adjust these predefined thresholds to meet the unique needs of your environment. For more information on tuning datapoint thresholds, see Tuning Static Thresholds for Datapoints.
