Hi Andrew,

Thanks very much for the ASA HA alert; I've created a clone on the production network - hopefully it won't trigger too often.

Also, thanks for the recommendation about syslog, it's time for me to finish off the syslog integration, which I haven't got working yet.

Thanks again

Darren


On 24 January 2018 at 05:21, Andrew Plas <andrewp.plas@gmail.com> wrote:
This is the alert checker I use to monitor and alert on ASA redundancy.  It may not be what you are looking for as it does not alert on a failover event itself- the alert triggers when the cluster is no longer redundant and is cleared when both are up and in a normal HA state.  I find this acceptable in my environment since it is more likely one is hard down (hardware failure, power outage, etc) rather than down due to a soft outage (software crash or interface link down).  Basically I don't care if they failed over, I care if they can't fail over!
If you want to alert on the HA event, a syslog alert would be an easy way to go.  The ASA definitely throws a log you can match on.

Inline image 1

On Sun, Jan 21, 2018 at 2:21 PM, Storer, Darren <darren.storer@gmail.com> wrote:
Hi Adam,

Thanks for the syslog suggestion - I'll try that.

Regards

Darren

On 18 January 2018 at 23:44, Adam Armstrong <adama@memetic.org> wrote:
Do they generate useful syslog messages?

Adam.

Sent from BlueMail
On 18 Jan 2018, at 23:24, "Storer, Darren" <darren.storer@gmail.com> wrote:
After diagnostic assistance from Adam it's sad to report that the Cisco ASA platform does not expose IP SLA details.

Any assistance or ideas for ASA HA failover alerting would be gratefully received - here what I have so far:

Inline images 1

Many thanks

Darren

On 18 January 2018 at 09:52, Storer, Darren <darren.storer@gmail.com> wrote:
IPA SLA status is correctly reported from our core VSS switch but does not appear from ASA devices. Does anyone else see IP SLA reported from Cisco ASA firewalls? (Tried 9.7 and 9.8(2) software versions).

On the subject of Cisco ASA, does anyone have HA failover correctly alerting? I've tried to implement an alert but not quite mastered the technique.

Inline images 1

Inline images 2

Thanks in advance for any advice

Darren 




 

observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium

_______________________________________________
observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium



_______________________________________________
observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium



_______________________________________________
observium mailing list
observium@observium.org
http://postman.memetic.org/cgi-bin/mailman/listinfo/observium