Cisco PIX/ASA Message Alert

The Cisco PIX/ASA Messages alert allows for triggering on PIX message criticality, code, and message rate. Since this alert is specific to Cisco PIX messages, the alert device selection is limited to Cisco PIX devices.

Request Parameters

criticality, FewerThan, MoreThan, MessageCode, TimeSpan

Example

“criticality/1//MoreThan/10//MessageCode/1-709006//TimeSpan/40”

The following table lists the Cisco PIX Message Alert-specific parameters. You must include the parameters as inputs for the alertRules parameter.

Cisco PIX/ASA message Alert-specific parameter
Parameter Description Values Required Type
Criticality Criticality for the alert. See your firewall documentation for details about the values in the list. Enter a numeric value from the following list:

0: emergency

1: alert

2: critical

3: error

4: warning

5: notice

6: informational

7: debug

The default is 1.

yes string
FewerThan Minimum number of messages that must be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages drops below the FewerThan value, an alert is generated.

The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan.

Any positive integer between 1 and 100. yes string
MoreThan Maximum number of messages that can be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages exceeds the MoreThan value, an alert is generated.

The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan.

Any positive integer between 1 and 100. yes string
MessageCode Message code for which an alert is generated. For more information on Cisco PIX Message Codes, see your Cisco PIX documentation.

The message code selections are limited to codes applicable to the selected criticality.

Valid Cisco PIX message code. Message codes must match the criticality parameter. For example, if criticality is set to 3, you can specify any message code that starts with 3-.

The default is 1-709006.

yes string
TimeSpan Period of time that must be exceeded by the FewerThan and MoreThan thresholds before an alert is triggered.

If the FewerThan and MoreThan thresholds are met for the specified TimeSpan, an alert is generated.

Any positive integer. The value is in seconds. For example, the value 120 represents two minutes.

The default is 60.

yes int