Cisco PIX/ASA/FWSM Message Alert
The Cisco PIX/ASA/FWSM Messages alert allows for triggering on PIX/ASA/FWSM message criticality, code, and message rate. Since this alert is specific to Cisco PIX/ASA/FWSM messages, the alert device selection is limited to Cisco PIX/ASA/FWSM devices.
Example
SOAP request for Cisco/PIX/ASA/FWSM Message Alert
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:aler="AlertService"> <soapenv:Header/> <soapenv:Body> <aler:createAlert> <!--Optional:--> <aler:authToken>admin/admin123</aler:authToken> <!--Optional:--> <aler:alertTypeName>Cisco PIX/ASA/FWSM Messages Alert</aler:alertTypeName> <!--Optional:--> <aler:name>Alert1</aler:name> <!--Optional:--> <aler:desc>Cisco PIX Messages Alert - user alert</aler:desc> <!--Optional:--> <aler:priorityName>medium</aler:priorityName> <!--Optional:--> <aler:enabled>no</aler:enabled> <!--Optional:--> <aler:deviceNames>All Cisco ASA</aler:deviceNames> <!--Optional:--> <aler:usernames>admin</aler:usernames> <!--Optional:--> <aler:trapIds></aler:trapIds> <!--Optional:--> <aler:resetTime>900</aler:resetTime> <!--Optional:--> <aler:trackIndividualDevice>yes</aler:trackIndividualDevice> <!--Optional:--> <aler:alertRules>FewerThan/-1//MoreThan/111//Criticality/1//MessageCode/1-717049//Timespan/60</aler:alertRules> <!--Optional:--> <aler:snmpOId></aler:snmpOId> </aler:createAlert> </soapenv:Body> </soapenv:Envelope>
The following table lists the Cisco PIX/ASA/FWSM Message Alert-specific parameters. You must include the parameters as inputs for the alertRules parameter.
Parameter | Description | Values | Required | Type |
---|---|---|---|---|
Criticality | Criticality for the alert. See your firewall documentation for details about the values in the list. | Enter a numeric value from the following list: | yes | string |
FewerThan | Minimum number of messages that must be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages drops below the FewerThan value, an alert is generated.
The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan parameters. |
Any positive integer between 1 and 100. | yes | string |
MoreThan | Maximum number of messages that can be received within a time period (TimeSpan parameter) before an alert is generated. If the number of messages exceeds the MoreThan value, an alert is generated.
The FewerThan and MoreThan parameters make up the alert range. You do not have to specify both FewerThan and MoreThan. |
Any positive integer between 1 and 100. | yes | string |
MessageCode | Message code for which an alert is generated. For more information on Cisco PIX/ASA/FWSM Message Codes, see your Cisco PIX documentation.
The message code selections are limited to codes applicable to the selected criticality. |
Valid Cisco PIX/ASA/FWSM message code. Message codes must match the criticality parameter. For example, if criticality is set to 3, you can specify any message code that starts with 3-.
The default is 1-709006. |
yes | string |
TimeSpan | Period of time that must be exceeded by the FewerThan and MoreThan thresholds before an alert is triggered.
If the FewerThan and MoreThan thresholds are met for the specified TimeSpan, an alert is generated. |
Any positive integer. The value is in seconds. For example, the value 120 represents two minutes.
The default is 60. |
yes | int |