Folks, I need your help. We have a few site-2-site connections using a Cisco ASA5520 as the head-in for us. I have a UDP poller that can show me how many connections are active, but I havent been able to find a way to really know which (who) is connected. Does anyone know enough about the UDP pollers and SNMP on the 5520 so that we could get a list of connections (not just qty).
I am also trying to figure how to setup a alert trigger for this one. Since the current UDP poller is only pulling a numerical value, how can I configure the trigger to fire if the numeric status is less than the previous poll?
For example, lets say we have 10 connections configured. On average, 8 of the 10 are connected 24/7. So, if he poller checks the firewall, and see's 8 connections, life is good - move on, but if it sees's 7, alert me. I thought about setting the rule "Numeric Status is less than 8", but if I do that, and then connections 9 and 10 login, I wont know if they drop. Or, if we add another 4 or 5 sites, I would have to remember to come back and modify the rule.
Is there a way to create a formula of some kind that can look at the raw number from the last poll, and if the current poll is less, fire off?