Description

Template for Cisco Intrusion Detection System (IDS). Monitors CPU 5 minutes, License status, health sensor monitors, etc. Can be applied on Cisco Intrusion Prevention System (IPS). This template can also be called as Cisco IPS template.

This template can be applied on Cisco Firewall devices, if that firewall has “Intrusion Detection System (IDS)” feature enabled.

Prerequisites

SNMP should be enabled in end device and device should support CISCO-PROCESS-MIB, CISCO-ENHANCED-MEMPOOL-MIB and CISCO-CIDS-MIB OIDs and SNMP credentials should be attached against the device in portal.

How to Apply: This template is All instance selection based. It will not ask user to select any instance (s) while assigning it to a device.

Metric Parameters

Metric Parameters
ParameterDescription
Frequency
  • Frequency is the interval in which you want to probe and collect metric data from the target device/resource
  • Frequency is defined in minutes (min).
  • Warning ThresholdIf the metric value satisfies the condition defined along with Warning Threshold value, then a notification is sent to the user.
    Critical ThresholdIf the metric value satisfies the condition defined along with Critical Threshold value, then a notification is sent to the user.
    AlertThe alert value can be set to either Yes or No. If it is Yes, then an alert message is sent to the user.

    Metrics

    cisco.cpu.utilization

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.109.1.1.1.1.8
    ExpressionNULL
    DescriptionCPU utilization is a key performance metric. It is the percentage of time the processor spends doing work (as opposed to being idle). It can be used to track CPU performance regressions or improvements and is a useful data point for performance problem investigations.
    [OID: 1.3.6.1.4.1.9.9.109.1.1.1.1.8]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCisco CPU Utilization
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    FilterNULLNot Applicable
    Warning OperatorGREATER_THAN_EQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold800-100
    Warning Repeat Count21-12
    Critical OperatorGREATER_THAN_EQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold900-100
    Critical Repeat Count21-12
    AlertNoYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    CPU Utilization

    CPU Utilization

    cisco.memory.pool.util.percent

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.221.1.1.1.1.7, 1.3.6.1.4.1.9.9.221.1.1.1.1.8, 1.3.6.1.4.1.9.9.221.1.1.1.1.6
    Expressionif(cempMemPoolValid==1,(cempMemPoolUsed/(cempMemPoolUsed+cempMemPoolFree))*100,0)
    DescriptionIt monitors the memory utilization of each memory pool except lsmpi_io memory pool.
    [OIDs: cempMemPoolUsed - 1.3.6.1.4.1.9.9.221.1.1.1.1.7, cempMemPoolFree - 1.3.6.1.4.1.9.9.221.1.1.1.1.8]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCisco Memory Utilization - CISCO-ENHANCED-MEMPOOL-MIB
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    FilterName
    Not Equals Ignore Case
    lsmpi_io
    NA
    Warning OperatorGREATER_THAN_EQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold800-100
    Warning Repeat Count21-12
    Critical OperatorGREATER_THAN_EQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold900-100
    Critical Repeat Count21-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    Memory Utilization

    Memory Utilization

    cisco.ids.health.security.partition.space.utilization

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.33.1.2, 1.3.6.1.4.1.9.9.383.1.4.33.1.3
    Expression(cidsHealthSecMonUtilizedPartitionSpace/cidsHealthSecMonTotalPartitionSpace)*100
    DescriptionIt monitors CISCO Intrusion Detection System(Sensor) disk utilisation.
    [OID: 1.3.6.1.4.1.9.9.383.1.4.33.1.2, 1.3.6.1.4.1.9.9.383.1.4.33.1.3]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Disk Utilization
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    FilterNULLNot Applicable
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold800-100
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold900-100
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.license.status

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.22.0
    ExpressionNULL
    DescriptionThis object indicates IPS license status along with expiration date. For example it will contain the following possible values: - signatureUpdateKey: Not expired until: - trialKey: Not expired until: - expiredLicense - noLicense - invalidLicense - unknown The timestamp will be in the format: MM/DD/YYYY HH:MM:SS [OID: 1.3.6.1.4.1.9.9.383.1.4.22]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorEQUALS_IGNORE_CASEEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning ThresholdunknownsignatureUpdateKey: Not expired until:
    - trialKey: Not expired until:
    - expiredLicense
    - noLicense
    - invalidLicense
    - unknown
    Warning Repeat Count11-12
    Critical OperatorINSEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical ThresholdexpiredLicense,invalidLicensesignatureUpdateKey: Not expired until:
    - trialKey: Not expired until:
    - expiredLicense
    - noLicense
    - invalidLicense
    - unknown
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)NoYes/No

    Sample Output

    No graph

    cisco.ids.health.packet.loss

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.1.0
    ExpressionNULL
    DescriptionProvides the percentage of packets lost at the device interface level. [OID: 1.3.6.1.4.1.9.9.383.1.4.1 ]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold10-100
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold50-100
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.packet.denial.rate

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.2.0
    ExpressionNULL
    DescriptionProvides the percentage of packets denied due to protocol and security violations.
    [ OID: 1.3.6.1.4.1.9.9.383.1.4.2 ]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold10-100
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold50-100
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.alarms.generated

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.3.0
    ExpressionNULL
    DescriptionProvides the number of alarms generated, includes all currently defined alarm severities.
    [OID: 1.3.6.1.4.1.9.9.383.1.4.3 ]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning Operator
    Warning Threshold
    Warning Repeat Count
    Critical Operator
    Critical Threshold
    Critical Repeat Count
    AlertNoYes/No
    Graph (Yes/No)YesYes/No

    Note: As Alert is not enabled on the above metric, the fields are left blank.

    Sample Output

    No graph

    cisco.ids.health.is.sensor.memory.critical

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.14.0
    ExpressionNULL
    DescriptionThis gives value between 0 and 10 that should rarely get above 3. If this is non-zero the sensor has stopped enforcing policy on some traffic in order to keep up with the current traffic load; the sensor is oversubscribed. The higher the number the more oversubscribed the sensor. It could be oversubscribed from a memory prospective and not traffic speed. For example on a 200 Mbit sensor this number might be 3 if the sensor was only seeing 100Mbit of traffic but 6000 connections per second which is over the rated capacity of the sensor. When the sensor is in Memory Critical state then a ciscoCidsError trap will be sent accordingly. [OID: 1.3.6.1.4.1.9.9.383.1.4.14]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold00-10
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold10-10
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.is.sensor.active

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.15.0
    ExpressionNULL
    DescriptionIndicates the fail over status of the device. True indicates the device is currently active. False indicates it is in a standby mode. Possible status values are 1- True, 2- False. Alert is generated when the current status is different from previous. [OID: 1.3.6.1.4.1.9.9.383.1.4.15]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning Operator
    Warning Threshold
    Warning Repeat Count
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold21, 2
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.availability

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.18.0
    ExpressionNULL
    DescriptionProvides the Cisco IDS health security monitor. This object indicates the availability of health and security monitor statistics. If the IPS health and security monitoring service is disabled, it will return false. Possible status values are 1- True, 2- False. [OID: 1.3.6.1.4.1.9.9.383.1.4.18]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning Operator
    Warning Threshold
    Warning Repeat Count
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold21, 2
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.overall.health

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.19.0
    Expressionif(cidsHealthSecMonAvailability==1,cidsHealthSecMonOverallHealth,0)
    DescriptionThis object indicates IPS sensor's overall health value - green, yellow or red. The overall health status is set to the highest severity of all metrics that are configured to be applied to the IPS's health determination. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to 'true'. [OID: 1.3.6.1.4.1.9.9.383.1.4.19]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold20,1,2,3
    Warning Repeat Count11-12
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold30,1,2,3
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.main.app.status

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.24.0
    ExpressionNULL
    DescriptionThis object indicates the running status for the control plane. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to 'true'. [OID: 1.3.6.1.4.1.9.9.383.1.4.24]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold81-9
    Warning Repeat Count11-12
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold21-9
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.analysis.engine.status

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.25.0
    Expressionif(cidsHealthSecMonAvailability==1,cidsHealthSecMonAnalysisEngineStatus,0)
    DescriptionProvides the object indicates the running status for the Analysis Engine. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to true. Possible status values are 1: notResponding(1) 2: notRunning(2) 3: processingTransaction(3) 4: reconfiguring(4) 5: running(5) 6: starting(6) 7: stopping(7) 8: unknown(8) 9: upgradeInprogress(9) [OID: 1.3.6.1.4.1.9.9.383.1.4.25]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold80-9
    Warning Repeat Count11-12
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold20-9
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.collaboration.app.status

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.26.0
    Expressionif(cidsHealthSecMonAvailability==1,cidsHealthSecMonCollaborationAppStatus,0)
    DescriptionProvides the object indicates the running status for the collaboration application. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to true. Possible status values are 1: notResponding(1) 2: notRunning(2) 3: processingTransaction(3) 4: reconfiguring(4) 5: running(5)
    6: starting(6) 7: stopping(7) 8: unknown(8) 9: upgradeInprogress(9) [OID: 1.3.6.1.4.1.9.9.383.1.4.26]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold80-9
    Warning Repeat Count11-12
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold20-9
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.analysis.engine.memory.percent

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.29.0
    Expressionif(cidsHealthSecMonAvailability==1,cidsHealthSecMonAnalysisEngMemPercent,-1)
    DescriptionThis object indicates the percentage of memory used by Analysis Engine. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to 'true'. [OID: 1.3.6.1.4.1.9.9.383.1.4.29]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold800-100
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold900-100
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.sensor.load

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.30.0
    Expressionif(cidsHealthSecMonAvailability==1,cidsHealthSecMonSensorLoad,-1)
    DescriptionThis object indicates sensor inspection load. This object is instantiated only if the value of cidsHealthSecMonAvailability is set to true. [OID: 1.3.6.1.4.1.9.9.383.1.4.30 ]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Health Check
    Unit%

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    Filter
    Warning OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold800-100
    Warning Repeat Count11-12
    Critical OperatorGREATER_THANEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold900-100
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph

    cisco.ids.health.security.virtual.sensor.status

    Metric Details

    Metric Details
    Applicable forDevice
    SNMP OID1.3.6.1.4.1.9.9.383.1.4.32.1.2
    ExpressionNULL
    DescriptionThis object represents the virtual sensor network status level. Possible color ratings 1-Green : Everything is fine 2-Yellow : There may be issues occuring on the attached network. 3. Red : the network needs attention as problems are detected and network security is critical.
    [OID: 1.3.6.1.4.1.9.9.383.1.4.32.1.2]
    CategorySNMP monitors
    Collector TypeGateway
    Monitor NameCISCO IDS - Virtual Sensor Status
    Unit

    Possible Inputs

    Possible Inputs
    MetricInput ValueRange of Values
    Frequency51 – 1440 (mins)
    FilterNULLNot Applicable
    Warning OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Warning Threshold21-3
    Warning Repeat Count11-12
    Critical OperatorEQUALEnds with, ==, !=, >=, <=, >, <, In Range, Out of range, Equals, Not equals, Equals Ignore Case, Not Equals Ignore Case, Contains, Not contains, Regex match, Regex no match, In string list, Not in string list, In List, Not in list, Starts with
    Critical Threshold31-3
    Critical Repeat Count11-12
    AlertYesYes/No
    Graph (Yes/No)YesYes/No

    Sample Output

    No graph