PDF(7.6 KB) View with Adobe Reader on a variety of devices
Updated:August 26, 2014
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document describes how you can monitor services on the Email Security Appliance (ESA).
How do I monitor the health of the ESA?
The ESA has several externally-accessible network services that can be used to monitor the health and status of the system.
The ESA will respond to ICMP ECHO REQUEST datagrams (commonly called "ping" messages). A simple "ping" test can determine basic IP reachability of the appliance and whether it has power and is operating normally at the lowest level of the operating system. All IP interfaces configured will respond to ICMP packets.
The ESA can be monitored using SNMP management stations and SNMP monitoring tools. The SNMP MIB supported is the IETF-standardized MIB-II. This can be used to see low-level IP-layer and transport-layer statistics, such as datagrams and octets in and out of the system. SNMP management must be enabled with the "snmpconfig" CLI command. Only one interface can be enabled at a time to receive SNMP queries (although the MIB-II database covers the entire system). Also, if you are using SNMP v1/v2c, you must specify the network that your SNMP queries will come from. The ESA can send a coldStart SNMP trap to a single management station, if configured using the "snmpconfig" CLI command. This can be used to detect system reboots as well as SNMP agent restarts. Cisco provides an "enterprise" MIB as well as a "Structure of Management Information" (SMI) file for the ESA.
If configured, the ESA will offer SMTP, FTP, SSH, HTTP, and HTTPS services on any interface. These services can be individually enabled or disabled. The ESA also supports unencrypted TELNET access, although this is strongly discouraged. Monitoring tools can connect to one or more of these services on one or more interfaces to verify that the services are running and returning the correct banner. Configuration of services other than SMTP is handled using "interfaceconfig" CLI command; configuration of SMTP services is handled with the "listenerconfig" CLI command.
In AsyncOS XML-based statistics and status information are available via the HTTP or HTTPS access methods. These XML statistics can be gathered by a monitoring application or a command-line tool such as "curl". For example, for an ESA with administrative password "cisco123," the following "curl" commands will retrieve a variety of information: